On 2 Dec 2008, at 19:51, Jari Arkko wrote:
> Thanks for your review, Colin.
>
> I agree that fixes or better explanations of the background should
> be given for the points that you raised. It seems that you and
> Hesham are making progress on what needs to be added to the
> document, great!
>
> The only item that I too am somewhat worried about in your list is
> the address replacement by broken NATs and the tricks used to
> prevent that. I feel that the best way to deal with that is to
> document this as a potential problem -- the protocol already has
> tools to provide a far better obfuscation technique than XOR --
> just turn on encryption if this turns out to be a problem and the
> device in question cannot be ripped out of the network.

Agreed.

> Do we have any information about how widespread such NATs might be?
> RFC 5389 just says "some NATs".

Not really, but something that broken can't be common: it'd cause too
many obvious problems.

--
Colin Perkins
http://csperkins.org/