Hi Mohamed, On Jul 26, 2012, at 10:30 AM, <mohamed.boucad...@orange.com> wrote:
>> But aside from that, I disagree with you on purpose of whatever is >> being attempted here. The document is about identifying hosts, and >> you mention "users". These are not the same thing. Which do you want >> to identify? In my opinion, anything related to users (and not hosts) >> should be completely out of scope. > > Med: Agreed. The notion of "user" is out of scope of > draft-ietf-intarea-nat-reveal-analysis. It would be nice if that would actually be true. Just an example from Section 13.2 of RFC 6269 http://tools.ietf.org/html/rfc6269#section-13 " Simple address-based identification mechanisms that are used to populate access control lists will fail when an IP address is no longer sufficient to identify a particular subscriber. " Hint: >> particular subscriber << During the Taipei presentation I had complained about promoting inadequate (or historic) security mechanisms for user authentication already. The IETF has developed technology to provide cryptographic authentication (at all layers) already since 20 years. Ciao Hannes _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area
