> We would like to get plenty of review and comment. Rather than dealing with individual edits, I'd rather start with a general philosophy question. I understand that the IETF thinks NATs are evil, but I also think there shouldn't be so much emphasis on "homenets are not NAT," in an architecture document. Can we sideline the entire discussion over NATs. They're going to be there no matter what.
My second concern is that while I understand the "end-to-end principle," I also know that it's not realistic in many situations --and the home is one place where it's probably not. I know, I know, this is all heresy, but hear me out for a second before you hit reply and tell me how stupid I am being. This one line illustrates the entire concept in a nutshell: > Security perimeters can of > course restrict the end-to-end communications, but it is > easier to block certain nodes from communicating than it is to re- > enable nodes to communicate if they have been hidden behind > address translation devices. Is this really true? When I want to secure a physical space, I block off all access, then put in carefully thought out access control points. I don't pile all my goods in the middle of the street, and then actively monitor every person who walks by, hiring more people to do the monitoring as needed. And I would point out that the problem is even worse in the network world --it's a large risk to come into my house and try to rob me, because of the physical danger involved. There is physical risk for the person breaking and entering, in other words. Breaking into me network has no risk whatsoever, and the gain could be huge --larger than stealing what I have in my living room. Instead of stealing my television, could steal my identity --and all at no physical risk, with trivial effort (you don't have to actually go to my house, etc.). So my posture on the network side is actually "stronger," and "more suspicious," than it is on the physical side. I think we should be a little more realistic about network security. We'd all like to live in a world where there are no identity thieves, and there are no viruses, and there is no-one trying to harm you, or invade your privacy. But that's just not real. And I know I'm about to get all sorts of stories about how someone has had their computer connected to the internet for x number of years, no nat, no firewall, and they've never caught anything, nor had anyone steal anything. Maybe you just need to lead a more interesting life if that's the case. And I'm happy for you, but when I actually administered a large network, I had virus incidents constantly --and I know I face it all the time in customer networks. So, IMHO: 1. Stop the screed against NAT. 2. Set out positive requirements, rather than negative ones. 3. Be realistic about security --the default should be _nothing_ reaches into my home, and I should have an easily managable way to allow what I want to allow. The default should not be an open door to anyone from anyplace at any time, and then "we'll put in advanced monitoring to block activity." Just my 2c. :-) Russ _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
