I’m too close to this to give an unbiased report, and
I’m not going to pretend otherwise. The impression I would have gotten
from the BOF in isolation was very different from what I believe to be the
case. This work is leftover from the IPSEC WG. If the IPSEC WG
were not being disbanded, it would stay there. Several times within the IPSEC
working group, it was presented as a “trivial” change, but it was
never possible to reach consensus on what the trivial change was.

There is a lot of overlap between the designs of IPSEC and
Mobile IP. Both implement tunnels where fixed points on the net relay messages
for nodes whose address is less stable by having “inner” and “outer”
address pairs, and nodes talking to the “mobile” node think its
address is at the fixed relay point. If Mobile IP were to be built atop IPSEC,
it could be (incrementally) much simpler (though lower performance). When both
IPSEC and Mobile IP are in use for the same endpoint – likely a common
scenario – there is a logically unnecessary complexity and performance
hit.

The premise of this WG is that there are trivial ways to
integrate IPSEC and Mobile IP that get most of the benefits. I believe this
premise is probably true, and that this WG should be given a chance to get
there. They should be given a fairly tight leash, however, because if allowed
time to design something unworkably complex they are likely to do so.

--Charlie