NAT etc. (was: Spam Control Considered Harmful)

• Previous message (by thread): NAT etc. (was: Spam Control Considered Harmful)
• Next message (by thread): NAT etc. (was: Spam Control Considered Harmful)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Nov 02, 1997 at 12:31:45PM -0500, Alan Hannan wrote:
> > Yup, it could, but as I noted to Paul, in the cases Sean is advocating,
> > the client and the NAT box may not be within the same span of
> > administration, either.  IE: no, you may _not_ trust the NAT op.
> 
>   In today's internet, the DNS management, the routing
>   administration, and the ADM engineer are all outside of central
>   administration.
> 
>   This is analagous to the case you bring up, and yet we work well.
> 
>   Proxy aggregation of address space occurs, and yet the world goes
>   on.
> 
>   That the NAT administration would be different from that of the
>   flow endpoints is orthagonal to the discussion.

No, I'm afraid I don't think that's true.  This is a question of
_trust_, and if I don't wish to allow the operator of a NAT box to
proxy my trust in a nameserver operator, there really isn't any good
way around that.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Member of the Technical Staff             Unsolicited Commercial Emailers Sued
The Suncoast Freenet      "Pedantry.  It's not just a job, it's an
Tampa Bay, Florida          adventure."  -- someone on AFU      +1 813 790 7592

• Previous message (by thread): NAT etc. (was: Spam Control Considered Harmful)
• Next message (by thread): NAT etc. (was: Spam Control Considered Harmful)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]