Hi Melinda, > You definitely do > not want to design a mechanism that enables policy > violation. > > I have just been waiting for this comment. Interestingly, you could combine mechanisms, namely * mechanisms that traverse the NAT/firewall and do not require cooperation * mechanisms that allow the middlebox to participate We have seen these mechanisms being proposed in the IETF. Unfortunately, it was not so easy to convince people that these mechanisms would be deployed by middlebox vendors. > Melinda > Ciao Hannes _______________________________________________ Ietf@xxxxxxxx http://www.ietf.org/mailman/listinfo/ietf