Re: draft-touch-ipsec-vpn-06.txt

Ross Callon <rcallon@juniper.net> Wed, 21 January 2004 03:58 UTC

Date: Tue, 20 Jan 2004 22:29:07 -0500
To: Thomas Narten <narten@us.ibm.com>
From: Ross Callon <rcallon@juniper.net>
Subject: Re: draft-touch-ipsec-vpn-06.txt
Cc: vpn-dir@ietf.org

At 07:35 PM 1/20/2004 -0500, Thomas Narten wrote:
>Hi Ross.
>
>Digging through some old mail, I have this note. This document has
>come up to the IESG again for approval as an informational document
>and will be discussed Thursday. If there is a problem with publishing
>this, we need to be specific about why not.

The reason is that it defines a protocol which is in the scope of the 
L3VPN working group, and is in conflict with other work being done by
the working group, and yet it has not been reviewed by the l3vpn working 
group nor by any other working group. I think that the message to the 
authors of the document should be to take their document to the l3vpn 
working group, and progress it as a working group item. 

The fact that Joe Touch has on multiple occasions used the existence 
of his draft to try to block progression of other l3vpn (or ppvpn) working 
group items is pretty solid evidence that even he feels that it overlaps 
considerably with the scope of the l3vpn working group. 

>If this conflicts with existing WG work and it would be better to
>delay publication until after some RFCs are published, that is a
>possibility, but we will need to have cause

Yes. It does. It specifically overlaps with the CE-based VPN work. 
See "An Architecture for Provider Provisioned CE-based Virtual Private 
Networks using IPsec" <draft-ietf-l3vpn-ce-based-01.txt>.

>Can one of you review (or get someone to review) this to see if you
>have any real issues?

I will try to get people to review this. I doubt that other reviewers can 
get this done by Thursday (but I will ask tonight). 

I would prefer to send it to the l3vpn working group and ask for the 
group as a whole to review it (though it would also be a good idea to 
ask specific people in parallel). 

If there is any reasonable likelihood that the IESG will approve 
publication of this draft, I would like to send a message, or have 
our friendly IESG member send a message, to the l3vpn working 
group and ask whether people have any comments on the draft, and 
whether they think that the document should be reviewed by the l3vpn 
working group prior to publication. 

Feel free to forward this message to the IESG (I was tempted to CC 
the IESG on my own). 

thanks, Ross

>Ross Callon <rcallon@juniper.net> writes:
> > At 03:39 PM 9/19/2003 -0400, Thomas Narten wrote:
>
> > >Ron, Russ and Rick:
> > >
> > >Has this document been discussed in the VPN WGs at all? Is there any
> > >issue with publishing them as informational? (Joe has asked the RFC
> > >editor to publish them as info documents).
> > >
> > >Thomas
>
> > I have a problem with this being published as an RFC in any
> > form, prior to proper working group review. We have in the past
> > (in the IETF) had a number of cases of people publishing things
> > as informational in order to get around the need for IETF review.
> > While I understand why people want to avoid having their work
> > reviewed, I don't think that this is something that we should
> > encourage. In some cases in fact the document that was 
> > published as informational was fine. In some other cases the 
> > approach was fine, but the spec was incomplete. In a few
> > cases the approach had flaws. 
>
> > Note that I don't actually know whether there is anything that
> > should be changed in the document (in a very quick look this
> > evening I didn't see any problems with the actual approach). 
>
> > However, I don't think that it is correct to let them subvert the
> > process. There are numerous places in the ppvpn working group
> > minutes where the document has been referred to, in one case
> > as a reason to avoid progressing a different document. How can
> > someone say "we have an alternate document, which we are
> > not going to discuss, but this other document is the reason that
> > the working group shouldn't progress your document"? This 
> > doesn't seem like a valid process to me. 
>
> > Thus I think that both the L3VPN working group and the IPSec
> > working group should explicitly review the draft before it is 
> > published as an RFC in any form. 
>
>
> > While I am not aware of it being explicitly discussed, it has 
> > apparently come up by reference in a number of discussions,
> > and appears to have been presented once during a different
> > presentation in spite of not appearing on the agenda. 
>
> > This is what I was able to find looking through one minutes 
> > (I only looked back as far as IETF 49):
>
>
> > From the minutes of IETF 56, during the discussion of 
> > draft-declercq-ppvpn-ce-based-sol-00. 
>
> >          Joe Touch: We have running code that is similar to this draft, except 
> >          it is push-based, and not pull-based. Also it has not been cited as 
> >          reference. 90% is similar to this document, 10 % is different. We have 
> >          running code. 
>
>
> > There was a brief reference in passing in IETF 55 during the 
> > discussion of IPsec protected Virtual Links for PPVPNs 
> > (Mark Duffy). (again this was along the line of "how can you
> > progress a document as a working group document when it
> > doesn't conform to this non-working-group document"). 
>
>
> > From the minutes of IETF 53, March 2002:
>
> >          Joe Touch gave a background for dynamic routing for IPSec transport mode. 
> >          Didn't go to standards track to avoid confusion to already existing RFC 2401 
> >          (and therefore informational). 
>
> > This seemed to have occurred during or just after a presentation of 
> > draft-knight-ppvpn-ipsec-dynroute-00.txt
>
> > The alleged reason for not going standards track doesn't make sense
> > to me. 
>
>
> > During the 51st IETF (London, August 2001), in the discussion 
> > of draft-declercq-ppvpn-ce-based-00.txt (renamed as 
> > draft-ietf-ppvpn-ce-based-00.txt) there was a mention:
>
> >          Can use IPSec in tunnel mode (ipsec does SA selection, encapsulation 
> >          and authentication/encryption) or transport mode (draft-touch-ipsec-..).
>
>
> > During the 50th IETF, during a discussion of "Use of IPSEC with PPVPN" (Bryan Gleeson, 
> > draft-gleeson-IPSec-ppVPN-00.txt):
>
> >          Comment - Joe Touch: This has been addressed in my draft. Read draft-touch-IPSec-VPN-01.txt 
> >          (used IP-in-IP encapsulation within IPSec transport mode).
>
> > Ross
>
>
>_______________________________________________
>Vpn-dir mailing list
>Vpn-dir@ietf.org
>https://www1.ietf.org/mailman/listinfo/vpn-dir

