Re: [secdir] [New-work] Re: WG Review: Layer 3 Virtual Private Networks (l3vpn)

[Alex Zinin <zinin@psg.com>]

Paul,

 The proposed charter includes both "trusted" and "secure" VPNs
 following your terminology. The right place for more detailed
 security-related discussions (including the trust assumptions) would
 be the solution-specific documents and applicability statement, not
 the charter, I believe.

 Thanks.

Alex

>>The term "VPN" has been used within the context of this work for quite
>>a while both in the industry and the IETF. It seems that changing it
>>now is not warranted and would only cause confusion.

> Possibly, but you can also possibly be clearer about what type of VPN 
> you are talking about. For over a year, the VPN Consortium has been 
> using two terms to differentiate the types of VPNs: secure VPNs and 
> trusted VPNs. These terms have been accepted favorably by both VPN 
> vendors and the press. (Marketing departments, of course, still 
> prefer the confusing shorthand.)

> A more detailed set of definitions can be found in our white paper at 
> <http://www.vpnc.org/vpn-technologies.pdf>. Obviously, anyone is free 
> to use the terms there; in fact, they originated with discussions 
> with some of our members who support both types of VPNs, most notably 
> Cisco.

> Having the IETF be clear about which type of VPN is being discussed 
> would go a long way towards helping users understand the properties 
> that they are getting when they use a particular VPN service.

> --Paul Hoffman, Director
> --Internet Mail Consortium