Michel, All know now that NAT breaks security and destroys end-2-end. In the other part of my life and it sounds like we talk to similar people, I am struggling now with the other transtion and that is from NAT. But its not like people like it :---). Its kind of like your kid is on drugs. You still love the kid but it would be nice if you could get them off drugs. NAT hides stuff clearly and stuff that also does bad things to the network as a note and one of its uses I find lately, but its not a plan to move forward. And we will need to provide that security with IPv6 as a note that they did not get with NAT. So this entire private address/NAT illusion put down on folks now will affect us still but we can fix it now with strong security for IPv6 and doing what Margaret suggested and Tony has suggested and we can leave it in the architecture for now till a later day.
I think we are all in violent agreement here? Leave the architecture alone for tomorrow. Use Margarets fix as BCP or whatever. Michel and I can use it in physics experiments tomorrow. And we can work on the next important topic for v6ops? And what Dan wanted too I think that is another task but probably not here. /jim [Have you ever seen the rain coming down on a sunny day] > -----Original Message----- > From: Michel Py [mailto:michel@;arneill-py.sacramento.ca.us] > Sent: Monday, October 28, 2002 5:46 PM > To: Alain Durand > Cc: [EMAIL PROTECTED] > Subject: RE: Limiting the Use of Site-Local > > > > Alain Durand wrote: > > Oh... the old argument that NAT/private address > > brings security... > > Go tell that to people that write requirements, especially > the ones that work for the government, and when you have > convinced them get back to us, ok? > > Michel. > > > -------------------------------------------------------------------- > IETF IPng Working Group Mailing List > IPng Home Page: http://playground.sun.com/ipng > FTP archive: ftp://playground.sun.com/pub/ipng > Direct all administrative requests to [EMAIL PROTECTED] > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
