Fwd: RE: Review needed -- draft-touch-ipsec-vpn-06.txt

Ross Callon <rcallon@juniper.net> Wed, 21 January 2004 21:00 UTC

Date: Wed, 21 Jan 2004 15:39:13 -0500
To: Thomas Narten <narten@us.ibm.com>
From: Ross Callon <rcallon@juniper.net>
Subject: Fwd: RE: Review needed -- draft-touch-ipsec-vpn-06.txt
Cc: vpn-dir@ietf.org

These comments came from an internal Juniper person who has
worked with IPsec implementations. Since the document came
from inside Juniper, it contained some internal stuff, so I am 
forwarding the pertinent parts. Ross

>In a nutshell, the draft suggests that IPsec transport mode should 
>be used, instead of IPsec tunnel mode, to connect private networks 
>over a public infrastructure, when dynamic routing is required.
>
>The "fundamental problems" with the use of IPsec tunnel mode 
>with dynamic routing, as described by the author, if anything, 
>seem to be an implementation-specific problem.
>
>Also, I think I recognize this draft. It appeared in the IPsec WG 
>years ago but people there did not care for it. 


