To:
BELOEIL Luc FTRD/DMI/CAE <luc.beloeil@francetelecom.com>
CC:
"Eric A. Hall" <ehall@ehsco.com>, dnsop@cafax.se
From:
Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date:
Fri, 1 Aug 2003 20:58:33 +0859 ()
In-Reply-To:
<C331E5A29B51A84E9755E834A3E619D10F9F7B@ftrdmel1.rd.francetelecom.fr>from BELOEIL Luc FTRD/DMI/CAE at "Aug 1, 2003 10:55:23 am"
Sender:
owner-dnsop@cafax.se
Subject:
Re: avoiding proxies
Luc; > > Read the draft on security considerations and never say autoconfigured > > security. > I've just read quickly you draft. Do read the draft, carefully and thoroughly. > First point, > I'm impressed that you dare say that you ask client to use no security. NO. > (I hope I have missed nothing). You have missed all. > I do know if we should > impose cryptography in all IP datagrams, but I feel that IETF want to > propose the option if needed. Yup. > Second point, > I guess if Firewall will must be aware of anycast way of working, No. > because incoming datagrams may not have a source address = to anycast > destination address of outcoming datagrams. Did I miss something ? A site is free to have any policy on its firewalls. The site may simply believe its ISP. > Third point, > servers and client will must be able to manage anycast address in > different manner if UPd or TCP is used. Wrong. Read the draft and RFC103[45]. Masataka Ohta #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.