Re: [dns-wg] Re: .SE releases report on consumer broadband routers
-
To: Stephane Bortzmeyer bortzmeyer@localhost
-
From: Patrik Fältström paf@localhost
-
Date: Tue, 26 Feb 2008 11:48:53 +0100
-
Authentication-results: ams-dkim-1; header.From=paf@localhost dkim=pass ( sig from cisco.com/amsdkim1002 verified; );
-
Cc: Patrik Wallstrom pawal@localhost, dnssec-deployment@localhost, dns-wg@localhost, dns-operations@localhost
-
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; l=698; t=1204022937; x=1204886937; c=relaxed/simple; s=amsdkim1002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=paf@localhost z=From:=20=3D?ISO-8859-1?Q?Patrik_F=3DE4ltstr=3DF6m?=3D=20<p af@localhost |Subject:=20Re=3A=20[dns-wg]=20Re=3A=20.SE=20releases=20rep ort=20on=20consumer=20broadband=20routers |Sender:=20; bh=O6vZwCClBLyUjn8I47cu7nXS20S2Ithyc/SSCNa4KGI=; b=johAqDkU5hq7tHz77J7vwu0TbwXUjA6P7oK/ygMXAQUJEybvZhZsrMO0St pgqGzOohnfN2mqihn8UAn5bwgWAp536M9o45q/0pqz7Qx3Jnwn7U2b/zsJgq fYGJOucl7K;
On 26 feb 2008, at 11.18, Stephane Bortzmeyer wrote:
If they mess with DNS data, they are not routers (a layer 3 device,
neutral with respect to the content), they are middleboxes (a layer 1
to 9 device, able to break anything).
Well, it is more complicated than that. Many people do think that NAT
boxes are layer 3 devices, and if you have a double-nat mechanism then
"messing around with DNS packets" is a needed feature. Sure, then one
start walking from layer 3 towards layer 9.... But...
Anyway, this is not when we should fight about wording. We all know
what we talk about, and I think we should thank Patrik and others what
they have done.
Patrik
|
you are here: RIPE -> RIPE Maillists > Archives
