At 09:47 19/12/2000 -0800, Mike Fisk wrote:
>It's an argument of semantics, but I prefer to say that we're separating
>transport-layer end-to-end from application-layer end-to-end. Make
>applications explicitly terminate transport connections at gateways. So
>what is now a connection from me to you across a NAT and a proxy-ing
>firewall would be come a session-layer connection from me to you served by
>transport connections from me to the NAT, from the NAT to the proxy, and
>from the proxy to you.
these are called "application layer gateways", and exist in droves already.
Most firewalls implement them, in addition to NAT and packet filters.
--
Harald Tveit Alvestrand, [EMAIL PROTECTED]
+47 41 44 29 94
Personal email: [EMAIL PROTECTED]
