On Dec 8, 2011, at 8:14 PM, Yaron Sheffer wrote: > We as a group can commit to deliverable #1 and #3 (problem statement and > standardized solution). But deliverable #2 (vendor protocols) is mostly > out of our hands.
That's why I used "review" and "help" rather than "write" or "produce". > So before we approve this charter, I would like to > hear from people that represent vendors that they can commit to publish > such a draft for their favorite solution. With a mostly complete -00 > draft in, say, 4/2012. Please respond to the list or privately to Paul > and myself. > > Also, I suggest to replace the sentence "The working group may consider > multiple proposals, and then choose one to bring to the standards > track." by "The working group may standardize one of the vendor > solutions, a combination of several, or a new protocol." The latter is > clearer, at least to me. Agree. How about: In an environment with many IPsec gateways and remote clients that share an established trust infrastructure (in a single administrative domain or across multiple domains), customers want to get on-demand point-to-point IPsec capability for efficiency. However, this cannot be feasibly accomplished only with today's IPsec and IKE due to problems with address lookup, reachability, policy configuration, etc. The IPsecME working group will handle this large scale VPN problem by delivering the following: * The working group will create a problem statement document including use cases, definitions and proper requirements for discovery and updates. This document would be solution-agnostic. Should reach WG last call around October 2012. * The working group will review and help publish Informational documents describing current vendor proprietary solutions. These should be ready for IETF last call by August 2012. * The working group will choose a common solution for the discovery and update problems that will satisfy the requirements in the problem statement document. The working group may standardize one of the vendor solutions, a combination, an superset of such a solution, or a new protocol. _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
