From: Farrell, Lee (Lee.Farrell@cda.canon.com)
Date: Fri Sep 19 2008 - 17:13:16 EDT
For those of you that aren't already on the NEA mail list...
-----Original Message-----
From: nea-bounces@ietf.org [mailto:nea-bounces@ietf.org] On Behalf Of Randy Turner
Sent: Friday, September 19, 2008 2:02 PM
To: Stephen Hanna
Cc: nea@ietf.org
Subject: Re: [Nea] Consensus check on attributes suggested by Randy Turner
Hi Steve,
Thanks for the "level-set" email...
Your last email comments on the proposal indicated that we had "basic
agreement" on the inclusion of the "Forwarding Enabled/Disabled"
attribute as well. Can we include this in your "proposed consensus"?
Thanks!
Randy
On Sep 19, 2008, at 1:55 PM, Stephen Hanna wrote:
> I have not seen any more dialog on the attributes that Randy Turner
> proposed. The PA-TNC editors need to prepare the next version of that
> draft and I think that we had pretty much reached consensus on how to
> handle these attributes so I propose a resolution below. I invite NEA
> participants to indicate whether you agree with this resolution.
> Please respond within one week (by Friday, September 26). If there is
> WG consensus in favor of this resolution, the editors will put it into
> the next PA-TNC draft.
>
> Thanks,
>
> Steve
>
> Forwarding Enabled
> ------------------
> Most fixed-function endpoints can easily determine whether they are
> forwarding traffic between interfaces. Extensible endpoints may not be
> sure if they have multiple interfaces since application software can
> forward traffic. There is some security value in determining this
> value since it may indicate that a device which should not be
> forwarding traffic is doing so. Therefore, an IETF Standard PA-TNC
> Attribute Type will be defined, named "Forwarding Enabled". The
> Attribute Value for this attribute will be a single octet with one of
> three values:
> 0 ("Disabled") if the endpoint is not forwarding traffic between
> network interfaces,
> 1 ("Enabled") if the endpoint is forwarding traffic between network
> interfaces, and
> 2 ("Unknown") if it is not known whether the endpoint is forwarding
> traffic between network interfaces.
>
> Secure Time Enabled
> -------------------
> This attribute is complex and we have not yet seen a proposal for it
> so we will not standardize it yet. It can come later, maybe using our
> process for defining new IETF Standard PA-TNC Attribute Types.
>
> Minimum Cipher Suite
> --------------------
> We did not reach consensus in favor of standardizing this attribute.
>
> Configuration State
> -------------------
> We did not reach consensus in favor of standardizing this attribute.
>
> PSTN_Fax_Enabled
> ----------------
> This attribute is mainly for hard copy devices so it will be defined
> by the Printer Working Group <http://www.pwg.org>.
>
> Factory Default Password Enabled
> --------------------------------
> Many embedded devices include a default static password for
> administration. If this password is not changed before the device is
> placed in service, it's often easy to compromise the device.
> Therefore, it's desirable to identify devices that still have a
> factory default password enabled via NEA.
> A new PA-TNC attribute named "Factory Default Password Enabled"
> should be defined. The Attribute Value for this attribute will be a
> single octet with a value of 0 if the endpoint does not have a factory
> default password enabled and 1 if the endpoint does have such a
> password enabled.
> _______________________________________________
> Nea mailing list
> Nea@ietf.org
> https://www.ietf.org/mailman/listinfo/nea
>
This archive was generated by hypermail 2.1.4 : Fri Sep 19 2008 - 17:13:54 EDT
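
Added example (not part of the original messages, and not code from the NEA WG or the PA-TNC draft): a sketch of how a posture validator could decode the two one-octet values proposed above and fail closed on anything else. The function names, the may_forward policy flag and the sample byte strings are assumptions made for illustration; the PA-TNC attribute header and type numbers are not given in this thread and are left out.

```python
from enum import Enum

class Forwarding(Enum):
    DISABLED = 0   # not forwarding between network interfaces
    ENABLED = 1    # forwarding between network interfaces
    UNKNOWN = 2    # endpoint cannot tell

class PostureError(ValueError):
    """Value does not match the one-octet encoding proposed in the thread."""

def _single_octet(name: str, value: bytes) -> int:
    if len(value) != 1:
        raise PostureError(f"{name}: expected 1 octet, got {len(value)}")
    return value[0]

def parse_forwarding(value: bytes) -> Forwarding:
    octet = _single_octet("Forwarding Enabled", value)
    try:
        return Forwarding(octet)
    except ValueError:
        raise PostureError(f"Forwarding Enabled: undefined value {octet}") from None

def parse_default_password(value: bytes) -> bool:
    octet = _single_octet("Factory Default Password Enabled", value)
    if octet not in (0, 1):
        raise PostureError(f"Factory Default Password Enabled: undefined value {octet}")
    return octet == 1

def evaluate(forwarding_value: bytes, password_value: bytes, may_forward: bool = False):
    """Return (compliant, findings). may_forward is a hypothetical local policy
    flag: True for endpoints such as routers that are expected to forward."""
    findings = []
    try:
        state = parse_forwarding(forwarding_value)
        if state is Forwarding.ENABLED and not may_forward:
            findings.append("forwarding enabled on an endpoint that should not forward")
        elif state is Forwarding.UNKNOWN and not may_forward:
            findings.append("forwarding state unknown")
    except PostureError as exc:
        findings.append(f"malformed attribute: {exc}")   # fail closed
    try:
        if parse_default_password(password_value):
            findings.append("factory default password still enabled")
    except PostureError as exc:
        findings.append(f"malformed attribute: {exc}")   # fail closed
    return (not findings, findings)

if __name__ == "__main__":
    # Constructed sample values, not captured from any device.
    for fwd, pwd in [(b"\x00", b"\x00"), (b"\x01", b"\x01"), (b"\x02", b"\x00"), (b"\x03", b"")]:
        print(fwd, pwd, evaluate(fwd, pwd))
```
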