North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Where NAT disenfranchises the end-user ...
At 13:47 10/09/01, Richard Welty wrote: >in the case of IPSec, the IP addresses need to be preserved end-to-end >as part of the whole security scheme. True, but ONLY because the Internet Architecture lacks an alternative namespace that could identify the box associated with a given network interface. (The IP address is used in this context to identify the network interface associated with the Security Association). So that's all true today, but is driven by a shortcoming in the Internet Architecture. Ran [email protected]