Re: (NAT) Re: Interactions between IPSEC and NAT

[Ben Rogers <ben@Ascend.COM>]

bound@zk3.dec.com writes:

> Do we discuss such notions here or do we need to have an Avoidance of
> NAT BOF and eventual Working Group at the L.A. IETF?

>From the proposed NAT WG charter:

    The second set of documents will specify NAT friendly application
    and protocol design guidelines, interactions between NATs and
    applications such as DNS and protocols such as IP sec and mobile
    IP. The documents would also be extended to identify areas where
    NATs or other protocols and applications can be improved to overcome
    the shortcomings in interoperability or functionality.  Due to the
    importance of the issue, specific attention will be given to the
    problems created by NATs for security protocols such as IPsec.

Which makes it sound as if they're planning to be handling such issues.
I know that one of the important points mentioned in the Washington was
that if NAT were going to fly as a WG it would need to work around the
security interactions by modifications to the way we do NAT instead of
modifications to the way we do security.


ben

---

Follow-Ups:

• Re: (NAT) Re: Interactions between IPSEC and NAT
• From: "Derrell D. Piper" <ddp@network-alchemy.com>

References:

• Re: Interactions between IPSEC and NAT
• From: Alex Alten <Andrade@netcom.com>
• Re: (NAT) Re: Interactions between IPSEC and NAT
• From: bound@zk3.dec.com

---

• Prev by Date: SKEYID lengths and IVs
• Next by Date: Re: Interactions between IPSEC and NAT
• Prev by thread: Re: (NAT) Re: Interactions between IPSEC and NAT
• Next by thread: Re: (NAT) Re: Interactions between IPSEC and NAT
• Index(es):
  • Main
  • Thread