Re: [Nea] WG Review: Network Endpoint Assessment (nea)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Harald - get Microsoft to buy into this idea and its done.

Todd Glassey
----- Original Message ----- 
From: "Harald Alvestrand" <harald@xxxxxxxxxxxxx>
To: "Narayanan, Vidya" <vidyan@xxxxxxxxxxxx>
Cc: <nea@xxxxxxxx>; <iesg@xxxxxxxx>; <ietf@xxxxxxxx>
Sent: Saturday, October 07, 2006 1:42 AM
Subject: Re: [Nea] WG Review: Network Endpoint Assessment (nea)



> >
> > Not only do I not see anything in the charter or milestones that
> > indicates that the WG is going to spend time exploring this, I strongly
> > believe this WG should not be spending any time looking at this. The
> > trust models for the cases where the devices are not owned by the
> > organization performing NEA are hugely different and can take up its own
> > WG to actually find something that applies there, if at all. For one,
> > this could be considered a violation of privacy by the user of the
> > device. Secondly, the end user's perspective of attacks may be entirely
> > different from the organization's perspective in this case. Third, I
> > simply can't see what the organization's interests would be in
> > protecting a device that doesn't even belong to it. Last but not the
> > least, this requires the endpoint to be running an NEA client (that is
> > interoperable with the NEA server of the organization) - which in itself
> > is often an unrealistic requirement.
>
> Many universities require their students to buy their own laptops, but
> prohibit certain types of activity from those laptops (like spamming,
> DDOS-attacks and the like). They would love to have the ability to run
> some kind of NEA procedure to ensure that laptops are reasonably
> virus-free and free from known vulnerabilities, and are important enough
> in their students' lives that they can probably enforce it without a
> complaint about "violation of privacy".
>
> Just pointing out that there's one use case with user-managed endpoints
> where NEA is not obviously a bad idea.
>
>                     Harald
>
>
> _______________________________________________
> Ietf mailing list
> Ietf@xxxxxxxx
> https://www1.ietf.org/mailman/listinfo/ietf


_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]