
Just to inform you: the charter below is now with our ADs as the final charter proposal for the firewall issues research group, after the comments of GGF13 have been considered. Our ADs are taking this charter to the GFSG.

-----

Firewall Issues Research Group (FI-RG).

Chairs: Leon Gommans, Inder Monga
Area Directors: Olle Mulmo, Dane Skow
Mailing list: (requested as) fi-rg@ggf.org

Description of Work:

Grids increasingly require application driven transport privileges from the network. As such, the network is asked to enforce policy decisions on behalf of various entities participating in an application. For this purpose, the network employs functions such as firewalls, network address translators, application level gateways, VPN style gateways etc.

The research group will first document the type of issues that Grid applications experience when the need arises to control data transport policy enforcement devices. Some examples are highlighted in GFD.37.

Once the types of issues have been identified, the group will relate these issues to specific categories of enforcement devices. The first group of devices falls into the category the IETF refers to as "middle-boxes". The group will deliver a document that will analyze and categorize scenarios using existing IETF protocols, architectures and frameworks. The analyses will also try to identify functionalities for which the current state of technology appears not to provide solutions for the Grid.

The work to be considered includes the work of the following IETF groups:

* midcom - "middlebox" communication: http://www.ietf.org/html.charters/midcom-charter.html
* aft - Authenticated Firewall Traversal: http://www.ietf.org/html.charters/aft-charter.html
* nsis - Next Steps in Signaling: http://www.ietf.org/html.charters/nsis-charter.html

Subsequent areas of research will include the description and evaluation of the categories of devices below:

* Application Level Gateways.
* Host based firewall functions.
* VPN style gateways.

Existing documents from the grid community will be used as a starting point. Relevant output of this Research Group will be brought to the attention of the IETF via the GGF liaison to the IETF.

Goals and Milestones:

Submit informational documents that describe:

1) An inventory of the type of issues when Grid jobs have to deal with middle-box functions, application level gateways, VPN style gateways, etc. Describe and classify the issues in document #1.
2) An evaluation of existing IETF middle-box (signaling-) protocols and functions. Recognize possible limitations and produce a list of requirements towards the IETF in document #2.
3) An evaluation of approaches and solutions such as application level gateways, host based firewalls, VPN style gateways etc. Capture results in document #3.

GGF13: Charter discussion and group volunteers (done).
GGF14: Collection of existing documents with Group discussions.
GGF15: First draft of document #1 and Group discussions.
GGF16: WG last-call and submission of document #1. Draft of document #2 and group discussions.
GGF17: WG last-call and final submission of document #2.
GGF18: Draft document #3 and group discussions.
GGF19: 2nd draft of document #3 with group discussions.
GGF20: WG last-call and final submission of document #3.

Leon Gommans