RE: [Nea] Re: NEA network location?

To: "Bernard Aboba" <bernard_aboba at hotmail.com>, <nea at ietf.org>
Subject: RE: [Nea] Re: NEA network location?
From: "Stephen Hanna" <shanna at juniper.net>
Date: Thu, 21 Dec 2006 11:22:31 -0500
Cc:
In-reply-to: <BAY117-F20230976884AEC73CC26D993CE0@phx.gbl>
List-archive: <http://www1.ietf.org/pipermail/nea>
List-help: <mailto:nea-request@ietf.org?subject=help>
List-id: Network Endpoint Assessment discussion list <nea.ietf.org>
List-post: <mailto:nea@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/nea>, <mailto:nea-request@ietf.org?subject=unsubscribe>
Thread-index: AcclFdPJU7AZbUVcTqKw+Ko9J3YpUwAAb9nQ
Thread-topic: [Nea] Re: NEA network location?

I did not mean to suggest that the requirements for running
NEA protocols over the Internet are substantially different
from running them over an enterprise network. In many cases
(maybe most or all cases), they will not differ.

I was simply answering a question about whether we can ignore
requirements derived from running the NEA protocols over the
Internet. We cannot.

Thanks,

Steve

-----Original Message-----
From: Bernard Aboba [mailto:bernard_aboba at hotmail.com] 
Sent: Wednesday, December 20, 2006 11:00 PM
To: nea at ietf.org
Subject: [Nea] Re: NEA network location?

Steve Hanna said:

"So we should expect the NEA protocols to be used on the Internet
and include relevant requirements in our requirements document
(security, congestion control, loss, wide variations in round
trip time, etc.). But we should not cover non-enterprise use cases
or situations where the endpoint is not owned by or expected to
conform with the policies of the organization that owns and operates
the network."

Of course, this begs the question of how NEA behavior can differ in the 
enterprise and Internet cases. From an authentication perspective, EAP
is 
run between the peer to the server, and so the intervening network(s)
simply 
don't come into play.  So if you examine packet traces for the
"enterprise" 
and the "Internet" cases, there will be no discernible difference
between 
them, as long as the peer and server are the same.

Of course, your mileage will vary for other "transports", which may not
have 
the same "end to end" properties as EAP.  However, in those cases, there
are 
some very fundamental issues with mobility support.  And of course, one
of 
the issues motivating NEA is mobility;  if we are talking only about 
desktops sitting in one place, with permanent connectivity, why can't 
existing software update solutions do the job?



_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea

_______________________________________________
Nea mailing list
Nea at ietf.org
https://www1.ietf.org/mailman/listinfo/nea

References:
- [Nea] Re: NEA network location?
  - From: Bernard Aboba

Prev by Date: [Nea] Re: NEA network location?
Next by Date: Re: NEA requirements (was Re: Fwd: [Nea] Re: use of a design team to develop requirements)
Previous by thread: [Nea] Re: NEA network location?
Index(es):
- Date
- Thread

RE: [Nea] Re: NEA network location?

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.