[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: I-D ACTION:draft-lordello-ipsec-vpn-doi-00.txt
The former, not the latter.
Your intro does a great job of explaining how it might be solved without your
proposed change, and I personally prefer your solution.
Without your solution, we'll solve it by having a different cert for each VPN.
But I'd rather do it with a new phase 2 ID and have just one cert to manage.
-Dan
Claudio Lordello wrote:
> I am not sure how to interpret your comment: 1) there are products on the
> market and more coming so yes, customers do want this; -or- 2) there are
> products on the market and they must be solving this VPN identification
> issue some other way so let's not add any new idendities to the DOI.
>
> Perhaps you can clarify.
>
> Claudio.
>
> > -----Original Message-----
> > From: Daniel Fox [SMTP:dfox@ennovatenetworks.com]
> > Sent: Thursday, August 24, 2000 2:44 PM
> > To: Claudio Lordello
> > Cc: 'Markku Savela'; '.IPSec-IETF'; dfox@ennovatenetworks.com
> > Subject: Re: I-D ACTION:draft-lordello-ipsec-vpn-doi-00.txt
> >
> > There are at least three products currently on the market that provide
> > this
> > solution, and more are on the way...
> >
> > Claudio Lordello wrote:
> >
> > > Sorry for the earlier incomplete message. I must have hit some
> > ctrl-whatever
> > > :-(
> > >
> > > Markku,
> > >
> > > Yes, the customer trusts the ISP the same way the customers today trust
> > > their FR, ATM link to their service provider.
> > >
> > > Well noted, the scenario described does not replace end-to-end security.
> > > However it does allow ISP's to provide not only leased-line replacement
> > but
> > > also routing to their customers.
> > >
> > > Claudio.
> > >
> >
begin:vcard
n:Fox;Daniel
tel;work:978-206-0405
x-mozilla-html:FALSE
url:http://www.ennovatenetworks.com
org:Ennovate Networks
adr:;;60 Codman Hill Road;Boxborough;MA;01719;USA
version:2.1
email;internet:dfox@ennovatenetworks.com
title:Principal Software Engineer
fn:Daniel Fox
end:vcard
References: