Mark, Thanks for stepping forward to help with the problem statement and with reviewing the various drafts. In order to maximize the open discussion of these drafts, I think it's best to conduct these discussions on the public ipsec email list. Therefore, I'll be posting a first draft of the problem statement ASAP to get some discussion going.
For everyone's reference, the updated ipsecme charter is at http://datatracker.ietf.org/wg/ipsecme/charter It now includes this text relating to the scalable VPN work: --------- In an environment with many IPsec gateways and remote clients that share an established trust infrastructure (in a single administrative domain or across multiple domains), customers want to get on-demand point-to-point IPsec capability for efficiency. However, this cannot be feasibly accomplished only with today's IPsec and IKE due to problems with address lookup, reachability, policy configuration, and so on. The IPsecME Working Group will handle this large scale VPN problem by: * Creating a problem statement document including use cases, definitions and proper requirements for discovery and updates. This document would be solution-agnostic. * Publishing a common solution for the discovery and update problems that will satisfy the requirements in the problem statement document. The working group may standardize one of the vendor solutions, a combination, an superset of such a solution, or a new protocol. * Reviewing and help publish Informational documents describing current vendor proprietary solutions. --------- Thanks, Steve > -----Original Message----- > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On Behalf > Of Mark Boltz > Sent: Wednesday, February 08, 2012 11:26 AM > To: Ulliott, Chris > Cc: IPsecme WG; Paul Hoffman > Subject: Re: [IPsec] NUDGE: Starting work on our new charter items > > I will volunteer to help review the drafts and develop the > requirements. How should we approach that sharing? Google, this list, > something else? Also, could someone (re-)post the charter with the > objectives again, I can't seem to find it. Alternatively send to me > directly off list. > > I look forward to participating. > > -- > Mark Boltz, CISSP, CISA, NSA-IEM, CSGI > Director, Federal and Mid-Atlantic > e: mark.bo...@stonesoft.com e: fede...@stonesoft.com > p: 866.869.4075 c: 571.246.2233 > o: 202.434.8963 f: 703.997.4759 > w: http://www.stonesoft.com > > 1200 G St. NW, Suite 800 > Washington, DC 20005-6705 > > Stonesoft: Network Security. Simplified. > > On Jan 31, 2012, at 7:12 AM, "Ulliott, Chris" > <chris.ulli...@cesg.gsi.gov.uk> wrote: > > > Paul - count me in, am more than happy to contribute and help review > drafts. Unfortunately getting to Paris could be challenging, but I'll > go and talk nicely to the folk who control the purse strings! > > > > Chris > > > > -----Original Message----- > > From: ipsec-boun...@ietf.org [mailto:ipsec-boun...@ietf.org] On > Behalf Of Paul Hoffman > > Sent: Friday, January 27, 2012 4:49 PM > > To: IPsecme WG > > Subject: [IPsec] NUDGE: Starting work on our new charter items > > > > [[ There has not been enough response yet, by far. ]] > > > > We have a new charter. Do we have any volunteers to start work on the > two documents we committed to work on? > > > > Related: we should consider having a face-to-face meeting at the > upcoming IETF in Paris, but only if there is value for the newly- > chartered work. In my mind, that means both a first draft submitted > *and* interesting questions that would benefit from face-to-face > discussion instead of just work on the list. Do people believe we will > have that? > > > > --Paul Hoffman > > > > _______________________________________________ > > IPsec mailing list > > IPsec@ietf.org > > https://www.ietf.org/mailman/listinfo/ipsec > > > > > *********************************************************************** > ***** > > Communications with GCHQ may be monitored and/or recorded > > for system efficiency and other lawful purposes. Any views or > > opinions expressed in this e-mail do not necessarily reflect GCHQ > > policy. This email, and any attachments, is intended for the > > attention of the addressee(s) only. Its unauthorised use, > > disclosure, storage or copying is not permitted. If you are not the > > intended recipient, please notify postmas...@gchq.gsi.gov.uk. > > > > This information is exempt from disclosure under the Freedom of > > Information Act 2000 and may be subject to exemption under > > other UK information legislation. Refer disclosure requests to > > GCHQ on 01242 221491 ext 30306 (non-secure) or email > > info...@gchq.gsi.gov.uk > > > > > *********************************************************************** > ***** > > > > > > The original of this email was scanned for viruses by the Government > Secure Intranet virus scanning service supplied by Cable&Wireless > Worldwide in partnership with MessageLabs. (CCTM Certificate Number > 2009/09/0052.) On leaving the GSi this email was certified virus free. > > Communications via the GSi may be automatically logged, monitored > and/or recorded for legal purposes. > > _______________________________________________ > > IPsec mailing list > > IPsec@ietf.org > > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
