Re: Fwd: [Nea] Re: use of a design team to develop requirements

[Keith Moore <moore at cs.utk.edu>]

> > whether the search is illegal is irrelevant to this discussion.
>
>   My point was that certain architectures of NEA are more likely to be
> legal than others.  This knowledge should have *some* effect on the
> design of the solution.  Why design something we know can't be deployed?

okay, I think I see your point.

> > you don't need Turing completeness to be extremely invasive.  for
> > example, a way to ask "tell me what the value of octet X at offset Y in
> > file Z" is sufficient to download the entire file system.
>
>   Which is why *informative* protocols are much more robust than ones
> that perform queries.

the word "informative" seems rather vague.

>   What should be a major point in these discussions is that if the
> network admin "owns" the end host, then he should be able to configure
> it to send out the information needed when the machine connects to the
> network.  Any querying protocol is overkill, and adds nothing.
>
>   So long as the protocol involves remediation, then the end host can
> connect to a remediation network, and download the latest rules about
> what information needs to be sent to the network.  It then disconnects
> from the remediation network, and reconnects to the normal network,
> supplying the newly requested information.

somehow I think the concept of a remediation network really should be 
out of scope for the NEA discussion.  we understand that this is one way 
that NEA might be used, of course, but the idea that there should be a 
separate remediation network seems very shortsighted from an 
architectural perspective.  also, in some cases (zero-day exploits) 
remediation may not be immediately possible.

Keith

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea