Re: [dnssec-deployment] [dns-wg] Re: .SE releases report on consumer broadband routers

[Dave Piscitello dave@localhost]

I seriously doubt that any vendor would sell a product under the 
category "Middle Boxes". Middlebox is an abstraction (see RFC 3234?). 
Certain broadband access devices (oh, my, the acronym "BAD" applies 
here!) are real world implementations of that abstraction.
At the consumer/broadband level, precision with respect to technical 
language is wholly disregarded in favor of something familiar (router or 
firewall, in this case, and remarkably so) or something that sounds 
impressive (the NetScream TurboAccess Millenium 4000 FX).
Patrik Fältström wrote:
> On 26 feb 2008, at 11.18, Stephane Bortzmeyer wrote:
>
> > If they mess with DNS data, they are not routers (a layer 3 device,
> > neutral with respect to the content), they are middleboxes (a layer 1
> > to 9 device, able to break anything).
> Well, it is more complicated than that. Many people do think that NAT 
> boxes are layer 3 devices, and if you have a double-nat mechanism then 
> "messing around with DNS packets" is a needed feature. Sure, then one 
> start walking from layer 3 towards layer 9.... But...
> Anyway, this is not when we should fight about wording. We all know what 
> we talk about, and I think we should thank Patrik and others what they 
> have done.
>    Patrik
>
>
> #############################################################
> This message is sent to you because you are subscribed to
>  the mailing list dnssec-deployment@localhost.
> To unsubscribe, E-mail to: dnssec-deployment-off@localhost
> A public archive is available here: 
> <http://mail.shinkuro.com:8100/Lists/dnssec-deployment/>
> and older material is at
> <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>
begin:vcard
fn:David Piscitello
n:Piscitello;David
adr;dom:;;3 Myrtle Bank Lane;Hilton Head;SC;29926
email;internet:dave@localhost
x-mozilla-html:FALSE
url:http://hhi.corecom.com/weblogindex.htm
version:2.1
end:vcard