EAP-TNC SoH Health Attributes

Jouni Malinen j
Mon Dec 12 09:43:14 PST 2011

On Mon, Dec 12, 2011 at 09:54:02AM -0500, Francois Gaudreault wrote:
> I think the expectations are that a Linux/Mac OSX should comply with the 
> same policy as MS machines do, not just a workaround.  I don't see why a 
> Linux/Mac machine that is not up to date should be allowed more on the 
> network than a Microsoft machine that is fully up to date... Maybe the 
> Linux have a remote exploit available that could have been fixed if the 
> OS was up-to-date... You see what I mean?  (That's just a "cheesy" 
> example).  I believe that every pc, whatever "Desktop" OS is installed 
> (Linux/Mac/Windows), should comply to the same enterprise policy.

I see no problems in being-up-to-date part - it was the having a virus
scanner installed part that did not seem to match with what is commonly
done in Linux (or OSX?) in such scale today.
Jouni Malinen                                            PGP id EFC895FA

More information about the Hostap mailing list