This appeared on the list over two weeks ago and it has received no comments since. This is supposed to be the WG's main work item, folks.
--Paul Hoffman On Aug 23, 2012, at 9:02 AM, Stephen Hanna <[email protected]> wrote: > Vishwas and I have updated the AD VPN Problem Statement > and Requirements draft to address the comments received > on the previous version and remaining comments from > earlier email discussions. The new version is available at > > https://datatracker.ietf.org/doc/draft-ietf-ipsecme-ad-vpn-problem > > A summary of the changes in this version is included at > the end of this message. > > Please review this document and provide any comments on > the existing requirements or suggestions for new ones. > > For requirement 3, Vishwas will be starting an email > thread soon so that the WG can discuss what this text > means, whether we want to keep it, and how it can be > made clearer. > > Thanks, > > Steve > > ------------ > > Summary of Changes in draft-ietf-ipsecme-ad-vpn-00.txt > > * Changed draft name from p2p-vpn to ad-vpn. > > * Added a paragraph for each requirement, explaining how > that requirement is driven by the use cases. > > * In requirement 1, defined what we mean by minimizing > configuration changes. > > * In requirement 2, explained that this requirement implies > that SPD entries and other configuration based on peer > IP address will need to be automatically updated when > the peer's IP address changes. > > * Split requirement 4 into two requirements (now 4 and 5). > > * In requirement 6 (formerly 5), explained what we mean > by "easy handoff of sessions": avoid TCP session breakage > and packet loss, when possible. > > * In requirement 8 (formerly 7), acknowledged the difficulty > of handling cases where gateways are behind NATs or where > two endpoints are both behind separate NATs. In those cases, > we may need to use workarounds such as port forwarding by > the NATs or falling back to a hub and spoke architecture. > > * Added new requirement 9 around manageability. > > * Added new requirement 10 around cross-organization use. > > * Added new requirement 11 saying that administrators should > be able to limit topologies for security and other reasons. > > * Fixed typos and other minor wording issues. > > _______________________________________________ > IPsec mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/ipsec > _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
