ietf
[Top] [All Lists]

Re: myth of the great transition (was US Defense Department forma lly adopts IPv6)

2003-06-18 10:51:21
Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu> writes:

If you want to address denial of service issues you need protocol
enforcement points.

NAT is a denial of service attack, not a means of policy enforcement.

I don't think this is really accurate.

The difference between denial of service and policy enforcement
is primarily a question of authorization. Since the people who
install NAT generally own the networks in question, characterizing
NAT as a DoS attack doesn't really seem right.

-Ekr

-- 
[Eric Rescorla                                   ekr(_at_)rtfm(_dot_)com]
           Web Log: http://www.rtfm.com/movabletype




<Prev in Thread] Current Thread [Next in Thread>