Why is it so hard for people here to believe that customers might
actually know what they want, even if you don't happen to think
it's a good idea?
Going back a message or two, the firewall problem is more
tractible than the NAT problem but you're right, it's
similar in some of its impediments.
Anyway, I do think that people know what they want, but from
talking with the denizens of, say, comp.security.firewalls
there's a lot of confusion about the technology, what it
accomplishes, and what problems it introduces.
My take on it is that users and network administrators
really - I mean *really* - don't want universal reachability
anymore. They want to be reachable by the people they want
to be reachable by and nobody else, and that's technology
that we don't know how to provide. In the absence of better
technology they're relying on firewalls and NATs. I think
there's a gross mismatch between the economic model
underlying IP and the ones underlying how networking is
practiced today, and that the resulting problems are
inevitable. I'm pretty sure that standing around cursing
the darkness isn't a useful response.