[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NAT-T, IKEv2, Vendor ID, port floating??
In your previous mail you wrote:
I would hesitate to make NAT detection mandatory, just for patenting
reasons.
=> I don't believe the NAT detection is patented even if not all
patent applications for trivial things are rejected.
I'm not saying there is necessarily any problem with that,
but I remember that detection of a NAT was one thing being claimed by
an SSH patent application. So, if we assume that there are relatively
paranoid people out there who are paranoid about the patent issues, they
wouldn't want NAT detection being mandatory.
=> I am not paranoid (about patents or other things) but I'll strongly
object if IKEv2 has no defense against attacks on peer addresses.
(If that didn't contain enough disclaimers) I would point out that it's
a long while since I read those patent applications, and I've no idea
about their current status. Nor do I care about their status.
=> this is not at all against you but IMHO there is some FUD about IKEv2
and patent issues. This has to be fixed (if some real patents apply)
or to cease (if none applies).
Regards
Francis.Dupont@enst-bretagne.fr