> The delusion that network operators can successfully use unhelpful
> protocols and/or smoke and mirrors to force idealist network design on
> others needs to end. People use new protocols because they are better.
> If the benefit of moving to a new protocol does not outweigh the pain
> of moving to it, people don't use it. That's why the OSI protocols did
> not kill IP like they were supposed to in the 90s, it is why the largely
> forgotten mandated move from Windows to secure OSes (ie, Unix) for all
> government employees never happened, and it is why IPv6 is sputtering.
> If people want to use NAT, they are going to use NAT. They may stop
> using it if the widespread adoption of peer to peer protocols means they
> are missing out on things other people are doing. They are not going to
> stop using NAT to use a protocol maliciously designed to break it; they
> will just wait, patiently and nearly always successfully, for somebody
> to come out with a version that has no such malice. They are certainly
> not going to stop using NAT because somebody tells them they should use
> a security protocol that does not secure anything worth securing.
>
> BitTorrent is a better anti-NAT tool than AH ever will be. More carrot,
> less stick.

I agree. Folks are going to use ESP-NULL if they really want Integrity Protection ..

> -Dave

