I think it would be more accurate to say that a NAT contravenes
the basic Internet prnciple of universal connectivity.
well, if we're going to try to get accurate (or even precise) I'd
venture that the basic principle being contravened is not universal
connectivity, but separation of function between the network and the
endpoints - where the network's job is to make a best effort to deliver
packets to where the endpoints want them to go. expecting the network
to isolate insecure hosts from untrustworthy attackers, or more
generally, to enforce policy about what kinds of content are
permitted to pass, has always been a stretch.
Keith