[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: revised IPsec processing model: Q: VID and forwarding function

To: Stephen Kent <kent@bbn.com>
Subject: Re: revised IPsec processing model: Q: VID and forwarding function
From: Joe Touch <touch@ISI.EDU>
Date: Mon, 04 Aug 2003 13:56:16 -0700
CC: Ricky Charlet <rcharlet@speakeasy.net>, ipsec mailingList <ipsec@lists.tislabs.com>
In-Reply-To: <p05210601bb54753d4745@[128.89.88.34]>
References: <682DFC4C-BA03-11D7-B9FF-00039349B0FC@speakeasy.net> <p05210607bb41b765706a@[128.89.89.40]> <3F2EC241.4080902@isi.edu> <p05210601bb54753d4745@[128.89.88.34]>
Sender: owner-ipsec@lists.tislabs.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030529



Stephen Kent wrote:
> At 13:29 -0700 8/4/03, Joe Touch wrote:
> 
>> Stephen Kent wrote:
>>
>>> At 9:09 -0700 7/19/03, Ricky Charlet wrote:
>>>
>>>> Hello,
>>>>
>>>>     I'm trying to understand the motivations for VIDs and explicit 
>>>> forwarding function separation. Currently, I am guessing (based on 
>>>> your first paragraph) that these new features enable PPVPNs and/or 
>>>> overlay networks. If so, how so? If not, what new functionality is 
>>>> enabled by these features?
>>>
>>>
>>>
>>> There was a long series of off-list and post-WG meetings discussions 
>>> involving folks had expressed concern over how to modify IPsec 
>>> processing to better accommodate PPVPNs and overlay nets. The grouops 
>>> included  Mark Duffy, Greg Lebovitz, and Joe Touch I developed this 
>>> model and vetted it with this group some months ago.
>>
>>
>> FYI (all):
>>
>> At best, only the basic concept of doing a forwarding lookup was 
>> presented during a brief conversation at the Atlanta IETF; I cannot 
>> speak for the others, but this thread was the first I've seen of this 
>> proposal, and we certainly were not involved in developing it, or 
>> participating in a "long series" of meetings about it.
> 
> Joe, sorry for the confusion caused by a misplaced "s" in the above 
> text. My message was supposed to refer to "post-WG meeting 
> discussions."  I think others who read the message interpreted my typo 
> as I had intended, and as restated, it is accurate. I did not mean to 
> suggest that there were a set of post-WG meetings among the interested 
> parties.  We did, however, exchange a number of e-mail messages on the 
> topic.

Agreed.


>> I would not consider it 'vetted', but rather proposed at best. Even at 
>> that time Lars Eggert and I expressed significant concerns about this 
>> proposal.
>>
>> A brief summary of some of those concerns, to the extent that we could 
>> address them absent a detailed proposal, was discussed in section 
>> 4.1.3 as "Alternative 3" of the final update of our ID on the issue of 
>> support for dynamic routing in IPsec (draft-touch-ipsec-vpn-05.txt).
> 
> My view is that the majority of the participants in the discussions 
> found it an acceptable model, but you and Lars did not.  rough consensus?

I recall only 1-2 other participants in those meetings; it was a quick 
chat over the break, as I recall as well. I wouldn't consider that brief 
discussion sufficient for anyone to establish consensus, certainly not 
based on the absence of detail at that time.

Joe

Follow-Ups:
- Re: revised IPsec processing model: Q: VID and forwarding function
  - From: Stephen Kent <kent@bbn.com>

References:
- Re: revised IPsec processing model: Q: VID and forwarding function
  - From: Joe Touch <touch@ISI.EDU>
- Re: revised IPsec processing model: Q: VID and forwarding function
  - From: Stephen Kent <kent@bbn.com>

Prev by Date: Re: revised IPsec processing model: Q: VID and forwarding function
Next by Date: Re: revised IPsec processing model: Q: VID and forwarding function
Prev by thread: Re: revised IPsec processing model: Q: VID and forwarding function
Next by thread: Re: revised IPsec processing model: Q: VID and forwarding function
Index(es):
- Date
- Thread