Hi Lou, On Dec 14, 2012, at 10:15 AM, Lou Berger <[email protected]> wrote:
> Brian, > Opps, should have replied to this message (and not the prior). > > My previous mail basically said the new requirement is placed on the > ADVPN solution, not a particular implementation. I think it's important > to ensure that the overall solution provides for Requirement 14, and I'm > not sure how this can be done without a requirement. If I understand correctly, these requirements are intending to be relevant to "ADVPN solutions" that don't include network infrastructure. It doesn't make sense to me to make a "ADVPN solution" implemented on PCs and comprised exclusively of PCs subject to this as a general requirement. All other MUST requirements in Section 4 seem to apply equally to all use cases. > > See below for additional specific responses. [snip] >> Lou, would something like the following text in Section 2.2 be a >> satisfactory replacement for Requirement 14? >> >> There is also the case when L3VPNs operate over IPsec Tunnels, >> for example Provider Edge (PE) based VPN's. An AD VPN must >> support L3VPN as an application protected by the IPsec >> Tunnels. > > it he must was a MUST, sure. I'd happily support a MUST here. There aren't any other MUSTs outside of Section 4, but I don't know why. Thanks, Brian > > Lou _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
