"NEA is applicable to computing environments of enterprises
where endpoints accessing the enterprise's network are owned
and/or expected to conform to the policies set forth by the
organization that owns and operates the network. All other
cases are outside the scope of the NEA charter, since we do
not know that NEA would be useful in such cases."
I would like to point out that in a number of cases it is not possible for
the host to determine what network it is connecting to. For example, IEEE
802.1X-2004 does not provide an equivalent to the Beacon offered by say,
IEEE 802.11. As a result, the host may not necessarily be able to
determine what credentials to use, what information it can or should
disclose, or even whether it is appropriate for it to make use of the
remediation capabilities offered by the network it is connecting to.
It has already been pointed out that the architecture described does not
support mobility very well. To provide some perspective on the
impact of this, currently notebooks comprise more than 55% of all
computers sold by revenue; by the time that the NEA standards are
complete, this may be closer to 75 or even 80 percent.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf