On Tue, Nov 29, 2011 at 7:31 PM, Paul Hoffman <[email protected]> wrote: > At this point, we are trying to state requirements. You have already ran > full-force into proposed solutions.
Looking at the sorts of solutions that might be in scope can help me understand the problem space by illustration, particularly when new [to me] terminology is used that confuses me. I'm proposing nothing in particular so much as illustrative concepts. > On Nov 29, 2011, at 2:17 PM, Nico Williams wrote: >> As for nearest SG for a given administrative domain, well, I'm >> thinking of anycasting and multicasting, as well as SRV RRs. > > That's "discovery by looking around". I propose that a much simpler solution > is "discovery by listening for trusted parties to register with you their > information". That is, the introducer has a list of trusted gateways (which > might be other introducers), and it listens for them to tell it what > addresses they are responsible for and the policies that are associated with > them. There should also be a way for a gateway to ask an introducer what the > introducer knows about the gateway. I see. That makes sense, but you have to see the space of SGs or other "introducers" that you know about. They might multicast for you to discover them. > You have one view, I have a different one, and the rest of the WG should be > chiming in about which they think are required for the problem of P2P VPN. I don't yet have a view. Nico -- _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
