[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bidding down attach on NAT-T

To: "Andrew Krywaniuk" <askrywan@hotmail.com>
Subject: Re: bidding down attach on NAT-T
From: Francis Dupont <Francis.Dupont@enst-bretagne.fr>
Date: Fri, 07 Mar 2003 10:17:35 +0100
cc: ipsec@lists.tislabs.com
In-reply-to: Your message of Thu, 06 Mar 2003 20:01:14 EST. <F61Veya92VRYYRgzAJf0002defe@hotmail.com>
Sender: owner-ipsec@lists.tislabs.com

 In your previous mail you wrote:

   This seems like such an imaginary problem. I mean, what are you going to do 
   to prevent it? An international registry of authorized NATs? Bring back 
   strick source routing?
   
=> I believe you missed the fact I didn't try to make NAT traversal
secure (I clearly wrote I believe it is near impossible): you are
in my side, i.e., you consider that NAT traversal has an untrackable
security issue with attackers which behave like NATs.

Regards

Francis.Dupont@enst-bretagne.fr

Follow-Ups:
- Re: bidding down attach on NAT-T
  - From: Derek Atkins <derek@ihtfp.com>

References:
- Re: bidding down attach on NAT-T
  - From: "Andrew Krywaniuk" <askrywan@hotmail.com>

Prev by Date: Re: comments on ikev2 05 (cryptography)
Next by Date: I-D ACTION:draft-ietf-ipsec-pki-profile-02.txt
Prev by thread: Re: bidding down attach on NAT-T
Next by thread: Re: bidding down attach on NAT-T
Index(es):
- Date
- Thread