Re: [Nea] I-D ACTION:draft-ietf-nea-requirements-07.txt

["Paul Sangster" <Paul_Sangster at symantec.com>]

As everyone noticed from the mail below, we have submitted an update to
the overview and requirements specification.  The additions were to
address comments raised by the IESG review.

This revision includes 3 notable changes.  Two of the changes involve
the use of the NEA protocols in constrained environments, specifically:
a new common requirement (C-11) and a discussion of the issue in section
5.2.3 (paragraphs 2 and 3) with regard to the PT protocol.  The third
change was to add to the description of potential man in the middle
threats at the end of section 8.3.1.

Because we added significant text and in particular a new requirement,
we believe the new portions of the document require another WG review
prior to returning to the IESG review.  Please review the changes and
send any significant issues.

Paul

> -----Original Message-----
> From: nea-bounces at ietf.org [mailto:nea-bounces at ietf.org] On 
> Behalf Of Internet-Drafts at ietf.org
> Sent: Friday, April 18, 2008 1:15 PM
> To: i-d-announce at ietf.org
> Cc: nea at ietf.org
> Subject: [Nea] I-D ACTION:draft-ietf-nea-requirements-07.txt
> 
> A New Internet-Draft is available from the on-line 
> Internet-Drafts directories.
> This draft is a work item of the Network Endpoint Assessment 
> Working Group of the IETF.
> 
> 	Title		: Network Endpoint Assessment (NEA): 
> Overview and Requirements
> 	Author(s)	: P. Sangster
> 	Filename	: draft-ietf-nea-requirements-07.txt
> 	Pages		: 53
> 	Date		: 2008-4-18
> 	
> This document defines the problem statement, scope and protocol  
>    requirements between the components of the NEA (Network Endpoint  
>    Assessment) reference model.  NEA provides owners of networks  
>    (e.g. an enterprise offering remote access) a mechanism to  
>    evaluate the posture of a system.  This may take place during the  
>    request for network access and/or subsequently at any time while  
>    connected to the network.  The learned posture information can  
>    then be applied to a variety of compliance oriented decisions.   
>    The posture information is frequently useful for detecting  
>    systems that are lacking or have out of date security protective  
>    mechanisms such as: anti-virus and host-based firewall software.   
>    In order to provide context for the requirements, a reference  
>    model and terminology are introduced.
> 
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-ietf-nea-requirements-07.txt
> 
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> 
> Below is the data which will enable a MIME compliant mail 
> reader implementation to automatically retrieve the ASCII 
> version of the Internet-Draft.
> 
_______________________________________________
Nea mailing list
Nea at ietf.org
https://www.ietf.org/mailman/listinfo/nea