Steve Hanna, distinguished engineer with Juniper Networks and co-chair of the Trusted Computing Group, Trusted Network Connect Working Group, and the Internet Engineering Task Force (IETF) NEA, has submitted the TCG specifications for consideration by the NEA working group. The NEA Working Group, which has been silent for quite some time, finally has a set of documents to work on. It's just one step in the long process of achieving consensus in the IETF.
"On Feb. 18, the TCG submitted proposals for PA and PB protocols that meet the NEA WG's requirements. These seem to be the only proposals that have been submitted. I expect that the NEA WG will consider these proposals, evaluating them against the NEA WG's published requirements," Hanna said in an e-mail. The TCG standards documents already have reached consensus within the TCG Working Group and vendors have running code. Many of the TCG participants also participate in the NEA. The next step within the IETF will be to agree to accept the TCG proposals as working group documents, take input from the working group members, propose changes, and then reach agreement on final drafts.
Unfortunately, the IETF isn't known for being particularly speedy and Hanna foresees a transition period where multiple versions of the specification are active -- as it was in the case with SSl and TLS. During the transition, vendors may support multiple versions until the market converges on a final standard.
Nevertheless, the battle for NAC standards is quickly being won by the TCG. In early 2007, three competing frameworks -- Cisco Network Admission Control, Microsoft's Network Access Protection, and the TCG/TNC -- were competing for mind share. Depending on who you talked to, one or the other framework would win out. The landscape changed when the TCG accepted Microsoft's Statement of Health protocol -- which is used to transmit host health to a policy server -- as a TNC specification. That meant instant TNC support as soon as Vista shipped; Windows XP Service Pack 3, when it ships in 2008, will support the TNC specifications as well. That pitted Microsoft and the TCG against Cisco. The NEA working group, formed in 2006, is a way to bring Cisco -- which doesn't recognize the TCG as a standards body -- into the NAC stand.