[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: bidding down attach on NAT-T
In your previous mail you wrote:
IPSEC (as implemented) is a massive pain wrt NAT.
Even if users have a choice to remove their NAT (i.e. their home
Linksys router), they usually don't want to or can't.
=> I believe you assume far too much about the power of the IETF.
The only useful thing that IETF can (should!) do is to define
a good NAT traversal mechanism. To make its support mandatory is
only annoying for implementors, this doesn't make it more available
on the market...
I realize there are lots of other ways for IPSEC to be employed, but
remote network access is certainly a key area that is hurting because
of this. I strongly recommend a MUST for NAT-T.
=> reread RFC 2119.
Regards
Francis.Dupont@enst-bretagne.fr