mailing list archives
Re: Where NAT disenfranchises the end-user ...
From: RJ Atkinson <rja () inet org>
Date: Mon, 10 Sep 2001 14:06:14 -0400
At 13:47 10/09/01, Richard Welty wrote:
in the case of IPSec, the IP addresses need to be preserved end-to-end
as part of the whole security scheme.
True, but ONLY because the Internet Architecture lacks an alternative
namespace that could identify the box associated with a given network
interface. (The IP address is used in this context to identify the network
interface associated with the Security Association). So that's all true
today, but is driven by a shortcoming in the Internet Architecture.
rja () Inet org
RE: Where NAT disenfranchises the end-user ... Roeland Meyer (Sep 10)
RE: Where NAT disenfranchises the end-user ... woody weaver (Sep 12)