Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us> Thu, 05 February 1998 20:52 UTC
Delivery-Date: Thu, 05 Feb 1998 15:52:29 -0500
Return-Path: owner-nat@livingston.com
Received: from bast.livingston.com (bast.livingston.com [149.198.247.2]) by ietf.org (8.8.7/8.8.7a) with ESMTP id PAA17794 for <ietf-archive@ietf.org>; Thu, 5 Feb 1998 15:52:27 -0500 (EST)
Received: from server.livingston.com (server.livingston.com [149.198.1.70]) by bast.livingston.com (8.8.5/8.6.9) with ESMTP id MAA16923; Thu, 5 Feb 1998 12:45:40 -0800 (PST)
Received: (from majordom@localhost) by server.livingston.com (8.8.5/8.6.9) id MAA07492 for nat-outgoing; Thu, 5 Feb 1998 12:51:04 -0800 (PST)
Message-Id: <199802052049.UAA09443@orchard.arlington.ma.us>
To: Yakov Rekhter <yakov@cisco.com>
cc: "Perry E. Metzger" <perry@piermont.com>, Cheng_Chen@3com.com, Dan Nessett <Dan_Nessett@tdc.3com.com>, ipsec@tis.com, nat@livingston.com, paul_douglas@3com.com, raj_bhatia@3com.com, ken_araujo@3com.com
In-reply-to: Your message of "Thu, 5 Feb 1998 12:47:46 -0500 (EST) ." <199802051648.IAA29194@puli.cisco.com>
Date: Thu, 05 Feb 1998 15:48:27 -0500
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
Sender: owner-nat@livingston.com
Precedence: bulk
Reply-To: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
Yakov, You seem to be characterizing this as a "ipsec vs. NAT" debate. It's really a "security vs. NAT" debate. Over the past 10 years, I've worked on a number of different systems with integrated crytographic security which, among other things, often cryptographically protect IP addresses from modification... either at the network layer, like ipsec, or above it in the application layer. Every single one of these systems is broken by NAT. Every single one. This says quite a bit about the violence which NAT does to the goal of securing the Internet. - Bill - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe nat' in the body of the message.
- RE: (NAT) Re: Interactions between IPSEC and NAT Vinod Valloppillil
- RE: (NAT) Re: Interactions between IPSEC and NAT Vinod Valloppillil
- Re: (NAT) Re: Interactions between IPSEC and NAT Perry E. Metzger
- Re: (NAT) Re: Interactions between IPSEC and NAT Steve Bellovin
- (NAT) Re: Interactions between IPSEC and NAT Alex Alten
- (NAT) Re: Interactions between IPSEC and NAT Cheng_Chen
- Re: (NAT) Re: Interactions between IPSEC and NAT bound
- (NAT) Re: Interactions between IPSEC and NAT Alex Alten
- (NAT) Re: Interactions between IPSEC and NAT Alex Alten
- Re: (NAT) Re: Interactions between IPSEC and NAT George Tsirtsis
- Re: (NAT) Re: Interactions between IPSEC and NAT Ben Rogers
- (NAT) Re: Interactions between IPSEC and NAT Perry E. Metzger
- (NAT) Re: Interactions between IPSEC and NAT Perry E. Metzger
- Re: (NAT) Re: Interactions between IPSEC and NAT Yakov Rekhter
- (NAT) Re: Interactions between IPSEC and NAT Raul Miller
- Re: (NAT) Re: Interactions between IPSEC and NAT Derrell D. Piper
- Re: (NAT) Re: Interactions between IPSEC and NAT Pyda Srisuresh
- Re: (NAT) Re: Interactions between IPSEC and NAT Alexei V. Vopilov
- Bill Sommerfeld
- Re: (NAT) Re: Interactions between IPSEC and NAT bound
- Re: (NAT) Re: Interactions between IPSEC and NAT Pyda Srisuresh
- Re: (NAT) Re: Interactions between IPSEC and NAT bound
- Re: (NAT) Re: Interactions between IPSEC and NAT Pyda Srisuresh