At 10:05 PM 12/7/99 -0500, Perry E. Metzger wrote: >Tripp Lilley <[EMAIL PROTECTED]> writes: > > > I don't think NATs are architecturally "correct", but I think they're > > teaching us an important lesson about the (initially valid) assumptions > > about end to end connectivity. Even after we eradicate NATs through > > wholesale migration to v6 (optimist hat on), the paranoid will still > > deploy ALGs on their firewalls to mediate access to those globally > > routable lightbulb and security camera addresses. > >I'm not sure that's the right model, actually. IP addresses are too >easy to forge. The right way to stop people from doing that sort of >thing is to deploy end to end security protocols that strongly >authenticate both ends. Anythink mankind can lock, mankind can unlock. You will never get rid of firewalls. At least not in our lifetimes.
- Re: IP network address a... Harald Tveit Alvestrand
- Re: IP network address a... Daniel Senie
- Re: IP network address a... Harald Tveit Alvestrand
- Re: IP network address a... Perry E. Metzger
- Re: IP network address a... Matt Crawford
- Re: IP network address a... Tripp Lilley
- Re: IP network address a... Perry E. Metzger
- Re: IP network address a... Tripp Lilley
- Re: IP network address a... Keith Moore
- Re: IP network address a... John Stracke
- Re: IP network address a... Matt Holdrege
- Re: IP network address a... Keith Moore
- Re: IP network address a... Bill Manning
- Re: IP network address a... Tripp Lilley
- Re: IP network address a... Brian E Carpenter
- Re: IP network address a... Keith Moore
- Re: IP network address assig... Randy Bush
- Re: IP network address a... Matt Crawford
- Re: IP network address assignments/allocation... Valdis . Kletnieks
- Re: IP network address assignments/allocations inf... Bob Braden
- Re: IP network address assignments/allocation... Brian E Carpenter
