ietf

Re: myth of the great transition (was US Defense Department formally adopts IPv6)

2003-06-18 16:08:54
What I am suggesting is that there is no reason nat had to result in
being on the interNOT rather than the internet.

you're simply wrong about that, at least for anything resembling today's
NATs.   except for a shortage of IPv4 addresses, NATs would not be
needed at all.  (yes, they're sold for other purposes, but they're
not needed for those purposes)  and there's no way to fix that shortage
in a sane fashion (or as you put it, without producing the interNOT)
that does not require changes to the endpoints - and in many cases, the
applications - to make them work. once you do that you're within epsilon
of the deployment barrier to IPv6.  (had IPv6 been designed
differently we might have been able to avoid having those changes affect
the network core, but not leaf networks or endpoints.)

Further folk are going to buy these and put them at the border of
their home networks. 

yup, and there will continue to be vendors selling snake oil.  it's not
our problem.

Trying to secure end point computers is futile.

it's even more futile to expect the network to do it.  firewalls can
raise the bar for some kinds of threats, but they can't make your
insecure systems secure.

If I don't run a local mail server why should I let a machine have
unrestricted net access if it does not need it? 

no reason that I know of.  but the relevant question for this discussion
is, why do you need a NAT to impose access control?  answer: you don't.