[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: policy expressive power in IPSec-VPN policy draft


Can anyone (esp. the authors) give an indication of the future of the draft "An
LDAP Schema for Configuration and Administration of IPSec based VPNs" ? Because
the draft expires in a few weeks, I'd like to know whether there are any
updates / new versions planned.

Basically I share the concerns raised by authors of previous postings in this
thread. The 'proxied objects' seem redundant, as do explicit policy
conditions/actions for ISAKMPPhase1 and ISAKMPPhase2. Those extra rules make
this schema bulky and I wonder why they have been included. Is there anyone
(authors maybe) who can shed some more light on the subject ?