NEA Working GroupIETF meetingJuly 27, 2010

nea[-request]@ietf.org

http://tools.ietf.org/wg/nea

Co-chairs: Steve Hanna shanna@juniper.net

Susan Thomson sethomso@cisco.com

Jul 27, 2010 IETF NEA Meeting 1

Note WellAny submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any

statement made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to:

• The IETF plenary session • The IESG, or any member thereof on behalf of the IESG • Any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under

IETF auspices • Any IETF working group or portion thereof • The IAB or any member thereof on behalf of the IAB • The RFC Editor or the Internet-Drafts function

All IETF Contributions are subject to the rules of RFC 5378 and RFC 3979 (updated by RFC 4879).

Statements made outside of an IETF session, mailing list or other function, that are clearly not intended to be input to an IETF activity, group or function, are not IETF Contributions in the context of this notice.

Please consult RFC 5378 and RFC 3979 for details.

A participant in any IETF activity is deemed to accept all IETF rules of process, as documented in Best Current Practices RFCs and IESG Statements.

A participant in any IETF activity acknowledges that written, audio and video records of meetings may be made and may be available to the public.

Agenda Review1300 Administrivia

Jabber & Minute scribesAgenda bashing

1305 WG Status1310 NEA Reference Model1315 Description of NEA Asokan attack1345 Open Discussion1435 Consensus Questions1450 Next Steps1455 Milestones1500 Adjourn

Jul 27, 2010 IETF NEA Meeting 3

WG Status – No change from last IETF

• Published as RFC:– PA-TNC: RFC 5792 (Mar 2010)– PB-TNC: RFC 5793 (Mar 2010)

• Individual PT proposals submitted (Jan 4) http://www.ietf.org/id/draft-sangster-nea-pt-tls-00.txt

http://www.ietf.org/id/draft-hanna-nea-pt-eap-00.txt http://www.ietf.org/id/draft-cam-winget-eap-nea-tlv-00.txt http://www.ietf.org/id/draft-cam-winget-eap-tlv-00.txt

• Virtual interim NEA WG meeting held (Jan 28)Jul 27, 2010 IETF NEA Meeting 4

NEA Reference Model

Jul 27, 2010 IETF NEA Meeting 5

NEA Reference Modelfrom RFC 5209

Posture Collectors

Posture Validators

PostureTransportServer

Posture Attribute (PA) protocol

Posture Broker (PB) protocol

NEA Client NEA Server

Posture Transport (PT) protocolsPostureTransportClient

PostureBrokerClient

PostureBrokerServer

IETF NEA MeetingJul 27, 2010 6

PA-TNC Within PB-TNC Within PT

PT

PB-TNC Header

PB-TNC Message (Type=PB-Batch-Type, Batch-Type=CDATA)

PB-TNC Message (Type=PB-PA, PA Vendor ID=0, PA Subtype= OS)

PA-TNC Message

PA-TNC Attribute (Type=Product Info, Product ID=Windows XP)

PA-TNC Attribute (Type=Numeric Version, Major=5, Minor=3, ...)

Jul 27, 2010 7IETF NEA Meeting

NEA Asokan Attack

Jul 27, 2010 IETF NEA Meeting 8

IETF NEA MeetingJul 27, 2010 9

PT Trust ModelNEA Server

NEA Client

Tunnel Establishment

• If the NEA client is configured to only talk to trusted/authorized NEA Servers, then MiTM attacks are mitigated

• If the NEA client is configured to allow it to talk to untrustworthy NEA Servers, then a MiTM can access and intercept the conversation.

IETF NEA MeetingJul 27, 2010 10

PA Trust ModelNEA Server

NEA Client

PA conversation

• To address the lying endpoint problem, the trusted party at the endpoint can establish the authenticity of the Posture Attributes in a way that the Posture Validator can verify them.

IETF NEA Meeting

SpyLaptopSpyUser

Asokan Attack on NEA

Jul 27, 2010 11

Preconditions1. NEA Assessment2. CorpLaptop Infection3. Lying Endpoint Detection

(PA Trust Model)4. SpyLaptop configured to allow

communication with untrustworthy SpyServer (PT Trust Model)

5. PA Forwarding attack

CorpLaptop CorpServerCorpUser

N!

SpyServer

Any questions?

!

☺

☺

Consensus Check Question

• NEA Asokan attack needs to be addressed?– Yes– No– Don’t know

Jul 27, 2010 IETF NEA Meeting 12

Proposed Next Steps

• Address PT trust model in base PT protocol I-Ds

• Address PA trust model in PT extension I-D – PT-independent

Jul 27, 2010 IETF NEA Meeting 13

Milestones

Aug 2010 Set up design team to work on PT extension I-D

Oct 2010 Output of Design team due

Nov 2010 Review and Resolve issues with PT I-Ds at IETF 79

Dec 2010 Publish -00 NEA WG PT I-Ds

Jan 2011 Resolve issues with -00 NEA WG PT I-Ds

Feb 2011 Publish -01 NEA WG PT I-Ds

Mar 2011 Resolve issues with -01 NEA WG PT I-Ds at IETF 80

Apr 2011 WGLC on -01 NEA WG I-Ds

May 2012 Publish -02 NEA WG I-Ds

Jun 2012 IETF LC

Jul 27, 2010 IETF NEA Meeting 14

IETF NEA Meeting 15

Adjourn

Jul 27, 2010