Re: Why?

Snipping out everything not related to one error I'd like to correct.

On Mar 14, 2005, at 11:00 PM, Tony Hain wrote:

[suresh] VOIP appls go through the same kind of paylod processing in
firewalls
as do NATs with ALG support for the application. In manyimplementations,
firewall and NAT share the same ALG for protocol monitoring and
application
processing.
This will be interesting when the VoIP apps start encrypting end toend.SRTP is just as opaque to those ALGs as IPsec, so either route willmean a
change to traditional firewalls and policies.

SRTP only encrypts the media payload, not the RTP headers, so in factSRTP is one protocol not broken by ALGs.

(The above is not to be taken as an endorsement of ALGs, NATs or anyother middleboxes which break end-to-end transparency.)

Tony


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Why?, (continued) Re: Why?, Brian E Carpenter Re: FW: Why?, JFC (Jefsey) Morfin Re: FW: Why?, Juergen Schoenwaelder Re: Why?, Noel Chiappa Re: Why?, Keith Moore Re: Why?, Theodore Ts'o Re: Why?, Keith Moore Re: Why?, Brian E Carpenter RE: FW: Why?, Pyda Srisuresh RE: FW: Why?, Tony Hain Re: Why?, David R Oran <= RE: Why?, Michel Py Re: Why?, Noel Chiappa Re: Why?, Keith Moore RE: FW: Why?, Noel Chiappa