On May 23, 2014, at 8:22 PM, Yaron Sheffer <[email protected]> wrote:
> Dear WG members, > > After being unable to reach consensus on a protocol that solves the AD VPN > problem, we set up a smaller group to discuss the solutions on the table and > try to reach agreement between the competing proposals. Unfortunately, this > approach was similarly unsuccessful even after multiple phone calls with the > respective authors. > > As a result, the chairs have decided to officially withdraw this work item > from the group's agenda. We will work with the ADs to remove it from our > charter. > > We would like to thank the authors of RFC 7018 (Auto-Discovery VPN Problem > Statement and Requirements), and encourage the authors of the protocol > proposals to publish them for the benefit of the community. > > Regards, > > Paul and Yaron FWIW, I think this is the wrong decision. Both the working group and apparently the market have shown a desire for a dynamic, large-scale VPN, and we have enough people willing to do work on a solution. Yes, there are some designs floating around and some implementations at various levels of maturity, and there was a lot of controversy. Not coming up with a single, standard design will lead to multiple non-interoperable implementations, a fragmented market, and vendor lock-in, which runs contrary to the mission of the IETF to make the Internet better. Implementers will be forced to either “choose sides” or worse, implement more than one design, and lacking a standard document, much of the actual protocol will be either vendor-specific or reverse-engineered. This is exactly the kind of bad outcome that standards bodies are supposed to prevent, and I don’t believe that admitting defeat is the right decision here. Yoav _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
