Re: Why?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Snipping out everything not related to one error I'd like to correct.

On Mar 14, 2005, at 11:00 PM, Tony Hain wrote:

[suresh] VOIP appls go through the same kind of paylod processing in
firewalls
as do NATs with ALG support for the application. In many implementations,
firewall and NAT share the same ALG for protocol monitoring and
application
processing.

This will be interesting when the VoIP apps start encrypting end to end.
SRTP is just as opaque to those ALGs as IPsec, so either route will mean a
change to traditional firewalls and policies.


SRTP only encrypts the media payload, not the RTP headers, so in fact SRTP is one protocol not broken by ALGs.

(The above is not to be taken as an endorsement of ALGs, NATs or any other middleboxes which break end-to-end transparency.)

Tony


_______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]