[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Requirements Draft




At 8:15 AM -0600 7/10/01, Horn, Mike wrote:
I have been exchanging several private emails with Scott Kelly about the
current requirements draft.  There are a few issues which are referenced
briefly in the draft, but are not explicitly stated as requirements.  Most
of these issues are contentious, but I think the VPN user community has
already established these as requirements by developing proprietary
solutions for most, if not all of these issues.

There is a big difference between market desires and market requirements. There are many very successful products available that do not match more or more of the features you list below.


1) The IRAS and IRAC SHOULD support NAT traversal.

We don't yet have a standard for that.


2) The IRAC SHOULD support redundant gateways.

This is an application issue, not a protocol issue.


3) The IRAS and IRAC SHOULD support a keepalive or make dead mechanism.

We don't yet have a standard for that.


4) The IRAS SHOULD support auditing of the assigned VIP, public IP, and
username in addition to the start and end time.

Auditing is not covered in this WG.


5) The IRAS and IRAC MAY support load balancing.

It can't be a requirement and a "MAY" at the same time. And, again, it's not a protocol issue.


I understand these issues might fall into a gray area between the IPSRA and
IPSEC working groups, but these are true needs of the user community and
should be addressed.

They are being addressed by many vendors.


  I think the requirements draft is the  right place to
capture user requirements, it shouldn't mandate the solutions for how these
requirements are met, but it should clearly define the needs of the user
community.

Again, "needs" is probably too strong a term to use here.


--Paul Hoffman, Director
--VPN Consortium