IP Security Remote Access BOF (ipsra)

Monday, March 15 at 0930-1130
=============================

Chair: Roy Pereira <rpereira@timestep.com>

DESCRIPTION:

The rapid growth of remote access and the subsequent transition from 
older direct-dial methods to Internet-based remote access is making an 
impact secure communications. 

IP Security (IPSec), as it is today defined, is missing key functionality
needed to effectively support Internet-based remote access as well as 
being difficult to deploy to remote users. IPSec is quite functional and 
provides for a very robust base of security specifications, thus any new
functionality would have to be added to the existing specifications as
add-ons and not disrupt existing implementations.

To address these problems the IPSRA Working Group will:

1) specify an extensible mechanism for bootstrapping remote IPSec users
2) specify an extensible mechanism to extend IPSec to support legacy user
   authentication methods such as RADIUS

The proposed work item for this group would yield standards that are
compatible with the existing IPSec architecture [RFC 2401] and IKE,
complementing the standards work achieved by the IPSec Working Group. 
This work will be derived from, but not limited to, all or some of the 
following documents:
  draft-ietf-ipsec-iskamp-xauth
  draft-ietf-ipsec-isakmp-mode-cfg
  draft-ietf-ipsec-isakmp-hybrid-auth
  draft-ietf-ipsec-dhcp

AGENDA:

- Agenda bashing
- Series of presentations of related work
- Open discussion and consensus gathering: do we need to form a WG to 
  do the proposed work?
- Collect feedback and modify charter
- adjourn