From: Keith Moore [mailto:moore(_at_)cs(_dot_)utk(_dot_)edu]
As far as I can tell, this is the crux of the problem with
NEA - that in general it's simply unreasonable for a network
to demand that every host that connects to it conform to
arbitrary policies for configuration of those hosts. IETF
should not be standardizing unreasonable expectations. And
even if the behavior is in some limited set of circumstances
reasonable (which is debatable), IMHO IETF should hesitate to
define standards for corner cases.
That is not my understanding of the problem statement.
My understanding is that the specification will provide a description of the
host configuration policy to the network, thus allowing the network to better
decide whether to let the host connect.
It is a network protocol, not an inter-network protocol. That is not new, DHCP
is a network protocol and has no relevance to the inter-network. NEA is a
security gloss on DHCP.
(I do sympathize with the notion that the biggest threats to
an enterprise network are from the hosts that connect
directly to it, and so it makes sense to concentrate efforts
for protecting the network at the points where those hosts
attach to the network)
The other problem I have with this charter is one that I have
with many charters these days - it presupposes a particular
design or architecture before the working group has actually met, when this should
be an engineering decision taken by the consensus of the
working group AFTER analysis of the problem space.
That is the approach that the IETF has been configured for for 15 years. If you
believe that a different architecture is appropriate you would have to convince
people that that is the case.
Working Groups that do not begin with a tightly defined architecture usually
fail.
There could be a role for the IAB to consider what the best overall Internet
architecture is, but the IAB does not operate at that level.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf