Re: Fwd: NEA requirements (was Re: Fwd: [Nea] Re: use of a design team to develop requirements)

[Keith Moore <moore at cs.utk.edu>]

> > I suppose that begs the question of how NEA clients learn the profiles
> > that they need to evaluate.
>
>   I think it's "via the remediation network, which is outside of the
> scope of NEA".

not clear.  at least the format of the profiles needs to be 
standardized, IMHO, otherwise there's no capability for interoperation 
and no point to having an NEA standard.

> >  Does the NEA protocol need to support, or
> > is this somebody else's problem?  What if the client connects and finds
> > that its profile is out-of-date, should NEA allow the client to download
> > the current profile?
>
>   The server should decide if the clients profile is out of date. 

on that much we agree.  the question is how the client gets the new 
profile.  I don't like having the answer be "via the remediation 
network" because I think the whole concept of a remediation network is 
architecturally dubious.  it might be fine for now but is not IMHO 
something we want to base a standard on.  it also seems to me that some 
networks will not want to provide remediation but will want to use NEA 
and that NEA should still be able to provide a definite answer.  that 
implies to me that the profile downloading should be able to happen via 
NEA, rather than introduce a situation where NEA can't tell whether a 
client is trustworthy or not because the client doesn't have a current 
profile.

I also suspect that we're going to need to put some limitations on how 
frequently a profile can be changed in order to limit the potential for 
NEA to be used as a means of extracting arbitrary information from a 
client.  If the server can keep changing the profile that's about as bad 
as allowing the server to iterate queries.


>   My take is that policy updates will happen much less often than
> connection requests.  So if nothing else, it's more efficient to not
> have queries at every connection attempt.  Since the queries and/or
> policy updates may be large, it would be better to leverage real
> networks for that process, rather than trying to carry large amounts of
> data in the NEA protocol itself.

what do you mean by "real networks"?  do you assume that NEA will 
operate over something besides TCP/IP? TCP seems perfectly capable of 
carrying enough data to transmit an NEA profile.

Keith


_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea