Re: I intend to have a document ready for Atlanta on this subject.

[Richard Shockey <rshockey@ix.netcom.com>]

At 10:47 PM 10/4/2002 +0200, you wrote:
>On Fri, 4 Oct 2002, Richard Shockey wrote:
>
> > It would seem that a IPsec only solution would miss a useful opportunity
> > to address the larger problem.
>
>are we sure we really have to solve the larger problem? by starting to
>solve small problems, I believe we have a better chance of succeeding.

I can accept that . The IPsec issue is interesting, important and probably 
looks like the general case of application specific key discovery in a 
microcosm.

What does concern me is devising a problem statement that does not 
automatically preclude the option of pointers vs inclusion in the DNS.

The risk of a BOF, even for the specific IPsec problem, is that it will 
quickly into camps and that a path to WG success is blocked as it was with 
SIKED.


>different protocols has different needs and should use different
>solutions. appkey did try to squeeze everything down into one big key
>bucket. I think that was the wrong path and that we know better now.

And indeed there may not be one single solution to the IPsec key discovery 
problem it would be nice to see some granularity in the RR. Hate NAPTR and 
DDDS if you must but it is the most flexible and dynamic RR we have in the DNS.

I will take a stab at a BOF proposal and post it shortly for people to beat 
up on ..but I will outline risk factors the IESG must consider.

If it ends up being SIKED Jr. we will have accomplished nothing.

best wishes... and thank you for you comments.


>         jakob


 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Richard Shockey, Senior Manager, Strategic Technology Initiatives
NeuStar Inc.
46000 Center Oak Plaza  -   Sterling, VA  20166
Voice +1 571.434.5651 Cell : +1 314.503.0640,  Fax: +1 815.333.1237
<mailto:richard@shockey.us> or <mailto:richard.shockey@neustar.biz>
  <http://www.neustar.biz> ; <http://www.enum.org>
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<