Hi Tom,
The question of where the servers would be located, locally or somewhere out on the Internet, was raised during the development of this document and the answer was, we do not know; so I think that if you only regard it as secure when only an internal network is involved, then that needs calling out in the Security Considerations.
Let me observe that significant number of "internal networks" these days go over third party unencrypted or unsecured to the desired level VPNs.
So is it ok to state that a network which consists of N sites all with external EBGP feed while being interconnected by L3VPN could use single cache residing only in one site ?
Thx, R. _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf