Re: [Nea] NEA charter query

[Alan DeKok <aland at deployingradius.com>]

Stephen Hanna wrote:
> ... Enterprises often
> use protocols over the Internet and it's not unlikely that NEA
> protocols might have to transit the Internet in a remote access
> scenario (with an appropriate PT).

  I presume that the enterprise network isn't trusted, either.  So NEA
will have to include security such as SSL inside of the enterprise, too.
 Those security mechanisms can likely be leveraged to work for access
from outside of the enterprise, too.

> So we should expect the NEA protocols to be used on the Internet
> and include relevant requirements in our requirements document
> (security, congestion control, loss, wide variations in round
> trip time, etc.).

  Once a security layer is defined to enable private transport of NEA
information, the security transport protocol takes care of congestion
control, loss, variations in round trip time, etc.  The NEA requirements
should include per-session timeouts on the client & server, but I don't
see why packet congestion control is relevant.

> But we should not cover non-enterprise use cases
> or situations where the endpoint is not owned by or expected to
> conform with the policies of the organization that owns and operates
> the network.

  What about the case where the endpoint is not owned by the
organization that operates the network, but is willing to conform with
it's policies?

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea