At this point, we are trying to state requirements. You have already run full-force into proposed solutions.
Having said that, I think your proposed solution is overkill for "discovery".

On Nov 29, 2011, at 2:17 PM, Nico Williams wrote:

> As for nearest SG for a given administrative domain, well, I'm
> thinking of anycasting and multicasting, as well as SRV RRs.

That's "discovery by looking around". I propose that a much simpler solution is "discovery by listening for trusted parties to register with you their information". That is, the introducer has a list of trusted gateways (which might be other introducers), and it listens for them to tell it what addresses they are responsible for and the policies that are associated with them. There should also be a way for a gateway to ask an introducer what the introducer knows about the gateway.

> Or have I misunderstood the problem space?

You have one view, I have a different one, and the rest of the WG should be chiming in about which they think are required for the problem of P2P VPN.

--Paul Hoffman
