[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: revised IPsec processing model: Q: VID and forwarding function

To: Joe Touch <touch@ISI.EDU>
Subject: Re: revised IPsec processing model: Q: VID and forwarding function
From: Stephen Kent <kent@bbn.com>
Date: Mon, 4 Aug 2003 16:48:47 -0400
Cc: Ricky Charlet <rcharlet@speakeasy.net>, ipsec mailingList <ipsec@lists.tislabs.com>
In-Reply-To: <3F2EC241.4080902@isi.edu>
References: <682DFC4C-BA03-11D7-B9FF-00039349B0FC@speakeasy.net><p05210607bb41b765706a@[128.89.89.40]> <3F2EC241.4080902@isi.edu>
Sender: owner-ipsec@lists.tislabs.com

At 13:29 -0700 8/4/03, Joe Touch wrote:
>Stephen Kent wrote:
>>At 9:09 -0700 7/19/03, Ricky Charlet wrote:
>>
>>>Hello,
>>>
>>>     I'm trying to understand the motivations for VIDs and explicit 
>>>forwarding function separation. Currently, I am guessing (based on 
>>>your first paragraph) that these new features enable PPVPNs and/or 
>>>overlay networks. If so, how so? If not, what new functionality is 
>>>enabled by these features?
>>
>>
>>There was a long series of off-list and post-WG meetings 
>>discussions involving folks had expressed concern over how to 
>>modify IPsec processing to better accommodate PPVPNs and overlay 
>>nets. The grouops included  Mark Duffy, Greg Lebovitz, and Joe 
>>Touch I developed this model and vetted it with this group some 
>>months ago.
>
>FYI (all):
>
>At best, only the basic concept of doing a forwarding lookup was 
>presented during a brief conversation at the Atlanta IETF; I cannot 
>speak for the others, but this thread was the first I've seen of 
>this proposal, and we certainly were not involved in developing it, 
>or participating in a "long series" of meetings about it.

Joe, sorry for the confusion caused by a misplaced "s" in the above 
text. My message was supposed to refer to "post-WG meeting 
discussions."  I think others who read the message interpreted my 
typo as I had intended, and as restated, it is accurate. I did not 
mean to suggest that there were a set of post-WG meetings among the 
interested parties.  We did, however, exchange a number of e-mail 
messages on the topic.

>I would not consider it 'vetted', but rather proposed at best. Even 
>at that time Lars Eggert and I expressed significant concerns about 
>this proposal.
>
>A brief summary of some of those concerns, to the extent that we 
>could address them absent a detailed proposal, was discussed in 
>section 4.1.3 as "Alternative 3" of the final update of our ID on 
>the issue of support for dynamic routing in IPsec 
>(draft-touch-ipsec-vpn-05.txt).

My view is that the majority of the participants in the discussions 
found it an acceptable model, but you and Lars did not.  rough 
consensus?

Steve

Follow-Ups:
- Re: revised IPsec processing model: Q: VID and forwarding function
  - From: Joe Touch <touch@ISI.EDU>

References:
- Re: revised IPsec processing model: Q: VID and forwarding function
  - From: Joe Touch <touch@ISI.EDU>

Prev by Date: Re: revised IPsec processing model
Next by Date: Re: revised IPsec processing model
Prev by thread: Re: revised IPsec processing model: Q: VID and forwarding function
Next by thread: Re: revised IPsec processing model: Q: VID and forwarding function
Index(es):
- Date
- Thread