[13317] in North American Network Operators' Group
Re: NAT etc. (was: Spam Control Considered Harmful)
daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Sun Nov 2 12:44:19 1997
Date: Sun, 2 Nov 1997 12:35:57 -0500
From: "Jay R. Ashworth" <jra@scfn.thpl.lib.fl.us>
To: nanog@merit.edu
In-Reply-To: <19971102123145.46573@freedom.bythetrees.com>; from Alan Hannan <hannan@bythetrees.com> on Sun, Nov 02, 1997 at 12:31:45PM -0500
On Sun, Nov 02, 1997 at 12:31:45PM -0500, Alan Hannan wrote:
> > Yup, it could, but as I noted to Paul, in the cases Sean is advocating,
> > the client and the NAT box may not be within the same span of
> > administration, either. IE: no, you may _not_ trust the NAT op.
>
> In today's internet, the DNS management, the routing
> administration, and the ADM engineer are all outside of central
> administration.
>
> This is analagous to the case you bring up, and yet we work well.
>
> Proxy aggregation of address space occurs, and yet the world goes
> on.
>
> That the NAT administration would be different from that of the
> flow endpoints is orthagonal to the discussion.
No, I'm afraid I don't think that's true. This is a question of
_trust_, and if I don't wish to allow the operator of a NAT box to
proxy my trust in a nameserver operator, there really isn't any good
way around that.
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Unsolicited Commercial Emailers Sued
The Suncoast Freenet "Pedantry. It's not just a job, it's an
Tampa Bay, Florida adventure." -- someone on AFU +1 813 790 7592
