Hi Paul,
the way I read it this is NOT Opportunistic Encryption. The draft makes
it clear very early on that "Establishing communications between
participants with no established trust relationship is out of scope for
this effort."
Thanks,
Yaron
On 03/14/2012 01:18 AM, Paul Wouters wrote:
On Tue, 13 Mar 2012, Praveen Sathyanarayan wrote:
Few of my suggestions here
1.) Cut through VPN
2.) Auto mesh VPN
Coming from FreeS/WAN and Openswan, I'm tempted to call it OEVPN,
where OE stands for Opportunistc Encryption.
Paul (still need to read and comment)
On 3/12/12 5:22 PM, "Stephen Hanna" <[email protected]> wrote:
Of course, you're right. The acronym DMVPN makes this
a very bad choice. Thanks for pointing that out.
I'll throw out a few ideas here:
Dynamic Direct VPN (DDVPN)
Shortcut VPN (SVPN)
Dynamic Scalable VPN (DSVPN)
Dynamic Efficient VPN (DEVPN)
Other ideas or comments on these are most welcome.
Thanks,
Steve
-----Original Message-----
From: Mike Sullenberger [mailto:[email protected]]
Sent: Monday, March 12, 2012 6:57 PM
To: Stephen Hanna
Cc: [email protected]; [email protected]
Subject: Re: [IPsec] P2P VPN draft UNCLASSIFIED
Steve,
I do not think changing the name to "Dynamic Mesh VPN" is a good idea.
The first thing that is going to happen is that it is going to be
shortened to "DMVPN" and then we have conflict with Cisco DMVPN, which
would be confusing and also "DMVPN" is a registered trademark. It
would be best to use some other synonym for "Dynamic Mesh".
Mike.
Upon reflection, I can see how "Point to Point VPNs" is problematic
as a description of the problem. Really it's more about dynamically
creating SAs so that any endpoint or gateway can communicate directly
with any other, as permitted by policy. And how can we do this in a
manageable manner in a large-scale environment where endpoints are
mobile and configurations and policies change often?
So "Dynamic Mesh VPNs" is fine with me. Whatever the WG feels is best.
Thanks,
Steve
-----Original Message-----
From: [email protected] [mailto:[email protected]] On
Behalf
Of Ulliott, Chris
Sent: Wednesday, March 07, 2012 4:53 PM
To: '[email protected]'
Subject: Re: [IPsec] P2P VPN draft UNCLASSIFIED
Classification:UNCLASSIFIED
How about "dynamic mesh VPNs" as a title as I think the dynamic part
is
key here and probably an important aspect of the use cases.
Chris
[This message has been sent by a mobile device]
----- Original Message -----
From: Yaron Sheffer [mailto:[email protected]]
Sent: Wednesday, March 07, 2012 09:17 PM
To: IPsecme WG <[email protected]>
Subject: [IPsec] P2P VPN draft
Hi Steve,
a few initial comments.
* The draft is short and clear. Thanks for that!
* I have a problem with the title (and even more, with the "file
name" of the draft). P2P is usually perceived as peer-to-peer,
which skews the discussion towards one particular use case, that
of endpoint-to-endpoint. I suggest to use "Mesh IPsec VPN"
instead.
* I am unclear about 2.2: so what if you "suddenly need to
exchange a
lot of data". How is it different from normal IP traffic load
management? The text is simply too vague here. Ideally, should
we
expect the traffic to migrate to other gateways? To go directly
between endpoints? To establish priorities on existing gateways?
Thanks,
Yaron
+------------------------------------------------+
| Mike Sullenberger; DSE |
| [email protected] .:|:.:|:. |
| Customer Advocacy CISCO |
+------------------------------------------------+
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
