Requirements (was: How does IKEv2 provide solution to remote access?)

["Stephane Beaulieu" <stephane@cisco.com>]

>
> I agree completely.  To be useful IKEv2 needs to address remote access.
>   Remote access is essentially the driving factor behind IPSec gateway
> sales.  IKEv2 needs to account for:
>
> 	1) NAT traversal
> 	2) Internal addressing -- including IP/DHCP, DNS, and WINS
> configuration through a tunnel
> 	3) Legacy authentication for SecurID, Passwords, OTP, and
> Challenge/Response Tokens (CRACK)
>

FWIW, this was all discussed in Atlanta and it seemed we had concensus on
it.  The plan is to try and roll this into the next rev of IKEv2.

Cheryl had put out a requirements draft a while ago which included these
things and a few more.  At the time, it was largely ignored because of the
IKEv2 vs. JFK discussions.  Should we attempt to revive this and move it
ahead in the WG to make sure we don't forget anyting else???  I think it
would be a very good idea to have an outlined set of requirements that we
can use as a gating factor for completion.   It would also be useful to help
keep us focused on what needs to be accomplished for Feb 15th.  If we've
forgotten something in the requirements, I'd rather find out about it now
rather than summer '2003.

Stephane.