The IESG has approved the following document:
- 'NEA Asokan Attack Analysis'
  (draft-ietf-nea-asokan-02.txt) as Informational RFC

This document is the product of the Network Endpoint Assessment Working Group.

The IESG contact persons are Stephen Farrell and Sean Turner.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-nea-asokan/

Technical Summary:

The Network Endpoint Assessment protocols are subject to a subtle forwarding attack that has become known as the NEA Asokan Attack. This document describes the attack and countermeasures that may be mounted.

Working Group Summary:

The WG formed a design team in July 2010 with the goal of recommending a general-purpose counter-measure that would work for both of the PT protocols under specification in the WG. The design team analysis and recommendation is the subject of this document. The recommendation of the design team was presented to the WG at the IETF meeting in November 2010 where it received solid support. The result was confirmed on the mailing list in January 2011, and the recommended counter-measure subsequently incorporated into the two PT protocols specified in the NEA WG. The two PT protocols, PT-TLS and PT-EAP, are separately specified in two standards-track documents, and reference this document as an Informative reference.

Document Quality:

This document does not specify a protocol. Rather, it describes counter-measures that PT-TLS and PT-EAP can use to mitigate against the NEA Asokan attack. The PT-TLS and PT-EAP specifications describe how these counter-measures should be used in these particular protocols. As described above, this document is the result of active participation from several WG members and received substantive review from the WG.

Personnel:

Susan Thomson is the Document Shepherd. Stephen Farrell is the Responsible Area Director.