On Mon, 2006-03-20 at 11:51 -0500, Keith Moore wrote: > > you shouldn't allow unrestricted access to the network from unmanaged > > hosts, that's a recipe for disaster. > > no, what's a disaster is to use source IP addresses or port numbers as > an indication of trustworthiness on any network that extends beyond a > single room. the notion that you can "manage" significant numbers of > hosts to ensure their trustworthiness is delusional. I don't see any contradiction in what you and I are saying, although I would extend "single" to "handful". in any case, it's getting off topic for the issue at hand, so please continue discussion in private if you care to respond. -- Kjetil T. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf