[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSEC and NAT and the BIG PICTURE
Dan McDonald wrote:
>
> I could make some choice comments here about NAT being what happens when we
> don't deploy the _right_ solution (IMHO the right solution is IPv6, or any
> IPng) quickly enough.
> I could also say that I hope we (and I cheerfully include myself in "we")
> don't make the same mistake w.r.t. being too slow to deploy the _right_
> solution.
>
Again, I am replying to one particular post, but I am not replying in
particular to that post; this is for all the posts which imply that this
spec should have been finished yesterday.
I will counter Dan's comments by saying that NAT provides a working
mechanism which resolves a number of problems resulting from
short-sighted design/implementation decisions. Having risked angering
those who made the decisions, I will add that I recognize that they
simply did not foresee the Internet that we know today - I don't think
anyone did.
Again, at the risk of incurring the wrath of many, I choose an unpopular
stance: if this specification is rushed, you will find innumerable
'eyesore kludges' in the not-too-distant future resulting from
oversights in this design process.
If we really wish to maximize design speed without sacrificing the
quality of this specification, everyone needs to recognize and agree
with the following observation: This is *not* primarily about any
company's individual financial concern; this is about the world's
communications infrastructure. The convenience of XYZ Corp. really
should have no bearing on this process, and when design problems are
noted, the inconvenience incurred by any entity in changing their
implementation simply should not be a consideration.
Follow-Ups:
References: