On Mon, 2006-03-20 at 11:51 -0500, Keith Moore wrote:
you shouldn't allow unrestricted access to the network from unmanaged
hosts, that's a recipe for disaster.
no, what's a disaster is to use source IP addresses or port numbers as
an indication of trustworthiness on any network that extends beyond a
single room. the notion that you can "manage" significant numbers of
hosts to ensure their trustworthiness is delusional.
I don't see any contradiction in what you and I are saying, although I
would extend "single" to "handful". in any case, it's getting off topic
for the issue at hand, so please continue discussion in private if you
care to respond.
--
Kjetil T.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf