VPN Auth (was VPN authentication/verification and WG re-chartering)



Sorry for replying to my own message, but I would like to encourage
discussion around VPN Auth requirements.

> I would like to see discussion of the requirements first, so that 
> candidate solutions have a point of reference.

For instance, I would argue that there are several roles/modes of
authentication that must be considered: SP-managed, user-managed, and
co-managed. Each of these modes has slightly different requirements, of
course, and different alerting and/or response mechanisms.

Across all of these modes the primary goal is to be assured that all
sites attached to the VPN are intended and allowed to be members.
Secondary goals *might* include verification that the CE was configured
by the correct authority (i.e. is not a hacked or replaced device), that
routes originating from the CE (or PE) are legitimate, etc. Maybe a
solution for one of the secondary goals might actually solve the primary
goal, too.

Any thoughts on these goals, and/or how they translate into technical
requirements?

Cheers,
-Benson