On Oct 31, 2010, at 12:11 PM, Roger Marquis wrote: > Keith Moore wrote: >>> The only argument I've ventured is that there ARE legitimate usage cases >>> for NAT (both the flavor being described in this document and a statefull >>> NAT similar to what exists in IPv4 today). >> you're grossly exaggerating those use cases. security is NOT a legitimate >> use case for NAT. security is NOT enhanced by imposing mechanisms that make >> network policy enforcement less flexible. > > Keith, > > Such extreme statement do need to be backed-up with evidence to be taken > seriously. Your opinion condradicts 99% of current practices including > sites with no other use for NAT than security.
I'm taking you far more seriously than you deserve. Security experts don't recommend particular practices just because other people recommend them. They make recommendations based on whether they make good sense for the situation at hand. You're confusing engineering with fashion. If you want to be a lemming, feel free, but this is not the place to do it. Keith _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
