Upon reflection, I can see how "Point to Point VPNs" is problematic as a description of the problem. Really it's more about dynamically creating SAs so that any endpoint or gateway can communicate directly with any other, as permitted by policy. And how can we do this in a manageable manner in a large-scale environment where endpoints are mobile and configurations and policies change often?
So "Dynamic Mesh VPNs" is fine with me. Whatever the WG feels is best. Thanks, Steve > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf > Of Ulliott, Chris > Sent: Wednesday, March 07, 2012 4:53 PM > To: '[email protected]' > Subject: Re: [IPsec] P2P VPN draft UNCLASSIFIED > > Classification:UNCLASSIFIED > > How about "dynamic mesh VPNs" as a title as I think the dynamic part is > key here and probably an important aspect of the use cases. > > Chris > > [This message has been sent by a mobile device] > > ----- Original Message ----- > From: Yaron Sheffer [mailto:[email protected]] > Sent: Wednesday, March 07, 2012 09:17 PM > To: IPsecme WG <[email protected]> > Subject: [IPsec] P2P VPN draft > > Hi Steve, > > a few initial comments. > > * The draft is short and clear. Thanks for that! > * I have a problem with the title (and even more, with the "file > name" > of the draft). P2P is usually perceived as peer-to-peer, which > skews > the discussion towards one particular use case, that of > endpoint-to-endpoint. I suggest to use "Mesh IPsec VPN" instead. > * I am unclear about 2.2: so what if you "suddenly need to exchange a > lot of data". How is it different from normal IP traffic load > management? The text is simply too vague here. Ideally, should we > expect the traffic to migrate to other gateways? To go directly > between endpoints? To establish priorities on existing gateways? > > Thanks, > > Yaron > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > > *********************************************************************** > ***** > Communications with GCHQ may be monitored and/or recorded > for system efficiency and other lawful purposes. Any views or > opinions expressed in this e-mail do not necessarily reflect GCHQ > policy. This email, and any attachments, is intended for the > attention of the addressee(s) only. Its unauthorised use, > disclosure, storage or copying is not permitted. If you are not the > intended recipient, please notify [email protected]. > > This information is exempt from disclosure under the Freedom of > Information Act 2000 and may be subject to exemption under > other UK information legislation. Refer disclosure requests to > GCHQ on 01242 221491 ext 30306 (non-secure) or email > [email protected] > > *********************************************************************** > ***** > > > The original of this email was scanned for viruses by the Government > Secure Intranet virus scanning service supplied by Cable&Wireless > Worldwide in partnership with MessageLabs. (CCTM Certificate Number > 2009/09/0052.) On leaving the GSi this email was certified virus free. > Communications via the GSi may be automatically logged, monitored > and/or recorded for legal purposes. > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
