On Jul 26, 2011, at 9:04 AM, Jan Zorz @ go6.si wrote:
On 7/26/11 3:44 PM, Ole Troan wrote:
My suggestion would be to add (in addition to RFC6204 in mandatory):
"If this specification is used for business class CPE, then IPsec-v2 [RFC2401, RFC2406, RFC2402], IKE version 2 (IKEv2) [RFC4306, RFC4718] and ISAKMP [RFC2407, RFC2408, RFC2409] must be supported in addition to RFC6204 requirements"
Any opinions from the WG on this? Otherwise I would add this to the spec.
Ole?
on the fence, but if I had to fall down on one side I think its OK. perhaps a should? it really depends on the deployment. not all business deployments require VPNs. which presume is what is the underlaying reason for requiring this?
Ole, thnx for kicking in...
So, did you mean something like this in Optional section:
"If this specification is used for business class CPE, then it is highly recommended, that IPsec-v2 [RFC2401, RFC2406, RFC2402], IKE version 2 (IKEv2) [RFC4306, RFC4718] and ISAKMP [RFC2407, RFC2408, RFC2409] are unconditionally required in addition to RFC6204 requirements"
Would that work?
What others think?
The document lists mandatory and optional requirements. I think we should stick to this model. I like this new wording for the optional section here since it does stipulate that IPsec is strongly recommended but does not mandate it. - merike