Where NAT disenfranchises the end-user ...
Richard Welty
rwelty at averillpark.net
Mon Sep 10 18:18:46 UTC 2001
On Mon, 10 Sep 2001 14:06:14 -0400 RJ Atkinson <rja at inet.org> wrote:
>
> At 13:47 10/09/01, Richard Welty wrote:
> >in the case of IPSec, the IP addresses need to be preserved end-to-end
> >as part of the whole security scheme.
>
> True, but ONLY because the Internet Architecture lacks an alternative
> namespace that could identify the box associated with a given network
> interface. (The IP address is used in this context to identify the network
> interface associated with the Security Association). So that's all true
> today, but is driven by a shortcoming in the Internet Architecture.
perhaps, but this doesn't invalidate either his question or my answer
to it. this whole discussion is really pointless due to the fact that
right this minute, reality sucks, and cannot be instantly fixed by a
stupid flame war.
richard
--
Richard Welty Averill Park Networking
rwelty at averillpark.net 518-573-7592
More information about the NANOG
mailing list