Steve, That sounds good. I look forward to the draft and to participating.
With respect to the charter, did we get any copy of the informational documents from, e.g., Cisco and Juniper yet on their proprietary versions? And before I get flamed from anyone at Cisco note that by proprietary I mean "single vendor"; I recognize your claim that the Cisco approach is "standards based GRE tunnels + routing protocols + IPsec". So take a deep breath and let's look at the charter and get that work done, thanks. Disclaimer: all views/opinions expressed are my own, and not those of my employer unless otherwise stated. -- Mark Boltz, CISSP, CISA, NSA-IEM, CSGI Director, Federal and Mid-Atlantic e: [email protected]<mailto:[email protected]> e: [email protected]<mailto:[email protected]> p: 866.869.4075 c: 571.246.2233 o: 202.434.8963 f: 703.997.4759 w: http://www.stonesoft.com<http://www.stonesoft.com/> 1200 G St. NW, Suite 800 Washington, DC 20005-6705 Stonesoft: Network Security. Simplified. On Feb 13, 2012, at 12:52 PM, Stephen Hanna wrote: Mark, Thanks for stepping forward to help with the problem statement and with reviewing the various drafts. In order to maximize the open discussion of these drafts, I think it's best to conduct these discussions on the public ipsec email list. Therefore, I'll be posting a first draft of the problem statement ASAP to get some discussion going. For everyone's reference, the updated ipsecme charter is at http://datatracker.ietf.org/wg/ipsecme/charter It now includes this text relating to the scalable VPN work: --------- In an environment with many IPsec gateways and remote clients that share an established trust infrastructure (in a single administrative domain or across multiple domains), customers want to get on-demand point-to-point IPsec capability for efficiency. However, this cannot be feasibly accomplished only with today's IPsec and IKE due to problems with address lookup, reachability, policy configuration, and so on. The IPsecME Working Group will handle this large scale VPN problem by: * Creating a problem statement document including use cases, definitions and proper requirements for discovery and updates. This document would be solution-agnostic. * Publishing a common solution for the discovery and update problems that will satisfy the requirements in the problem statement document. The working group may standardize one of the vendor solutions, a combination, an superset of such a solution, or a new protocol. * Reviewing and help publish Informational documents describing current vendor proprietary solutions. --------- Thanks, Steve -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Mark Boltz Sent: Wednesday, February 08, 2012 11:26 AM To: Ulliott, Chris Cc: IPsecme WG; Paul Hoffman Subject: Re: [IPsec] NUDGE: Starting work on our new charter items I will volunteer to help review the drafts and develop the requirements. How should we approach that sharing? Google, this list, something else? Also, could someone (re-)post the charter with the objectives again, I can't seem to find it. Alternatively send to me directly off list. I look forward to participating. -- Mark Boltz, CISSP, CISA, NSA-IEM, CSGI Director, Federal and Mid-Atlantic e: [email protected] e: [email protected] p: 866.869.4075 c: 571.246.2233 o: 202.434.8963 f: 703.997.4759 w: http://www.stonesoft.com 1200 G St. NW, Suite 800 Washington, DC 20005-6705 Stonesoft: Network Security. Simplified. On Jan 31, 2012, at 7:12 AM, "Ulliott, Chris" <[email protected]> wrote: Paul - count me in, am more than happy to contribute and help review drafts. Unfortunately getting to Paris could be challenging, but I'll go and talk nicely to the folk who control the purse strings! Chris -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Paul Hoffman Sent: Friday, January 27, 2012 4:49 PM To: IPsecme WG Subject: [IPsec] NUDGE: Starting work on our new charter items [[ There has not been enough response yet, by far. ]] We have a new charter. Do we have any volunteers to start work on the two documents we committed to work on? Related: we should consider having a face-to-face meeting at the upcoming IETF in Paris, but only if there is value for the newly- chartered work. In my mind, that means both a first draft submitted *and* interesting questions that would benefit from face-to-face discussion instead of just work on the list. Do people believe we will have that? --Paul Hoffman _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec *********************************************************************** ***** Communications with GCHQ may be monitored and/or recorded for system efficiency and other lawful purposes. Any views or opinions expressed in this e-mail do not necessarily reflect GCHQ policy. This email, and any attachments, is intended for the attention of the addressee(s) only. Its unauthorised use, disclosure, storage or copying is not permitted. If you are not the intended recipient, please notify [email protected]. This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under other UK information legislation. Refer disclosure requests to GCHQ on 01242 221491 ext 30306 (non-secure) or email [email protected] *********************************************************************** ***** The original of this email was scanned for viruses by the Government Secure Intranet virus scanning service supplied by Cable&Wireless Worldwide in partnership with MessageLabs. (CCTM Certificate Number 2009/09/0052.) On leaving the GSi this email was certified virus free. Communications via the GSi may be automatically logged, monitored and/or recorded for legal purposes. _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
