On Thu, Feb 27, 2020, 2:26 PM Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
On Thu, Feb 27, 2020 at 5:09 PM Tom Herbert <tom@xxxxxxxxxxxxxxx> wrote:
Fernando,
I think we need to be careful that IETF is labeled as a collection of
inflexible architectural purists. We know that standards conformance
is voluntary and we haven't seen the last time that someone, possibly
even a major vendor, will circumvent the system for their own
purposes.

IP end to end does not mean the IP address is constant end to end. It never has meant that and never will. An IP address is merely a piece of data that allows a packet to reach its destination. There is no reason to insist on it remaining constant along the path.

The sooner people get over that fact the better.

If an IPv4 device interacts with an IPv6 device, there will be address translation going on somewhere along the path. That is inevitable.

We discovered that there were good reasons for NATing IPv4 besides address multiplexing. The topology of my network is none of your business.

More generally, Internet standards only apply to the Inter-net, the network of networks. What happens inside the networks at either end is for the owners of those networks to decide. If we go back to the original Internet design, they didn't even need to run IP. IP end to end came later.

So let us stop being dogmatic about things that don't actually matter. The only job of the network layer is to get packets from one end to another. The only job of the transport layer is to provide reliable streams. An application protocol that depends on the IP address remaining constant end to end is a bad protocol and should be rejected.

So Authentication Header and any other sort of network layer authentication are bad protocols that should be rejected?
Tom