[e2e] using p2p overlays to overcome recursive NATs/realms

[David P. Reed]

Better security tools might be end-to-end encryption and 
authentication.  ISPs can enable their customers to protect themselves 
against code Red etc. by encouraging same, and encouraging (e.g. Microsoft 
and Sun) to ship systems that properly authenticate.  Those tools are 
better than port blockers which get in the way and don't really stop such 
things, because they give users control.

Better tools for provisioning lots of devices in the home would include 
providing multiple routable addresses in the DOCSIS modem standard, along 
with IPv6 to reduce the ARIN limitations.

At 04:05 PM 2/11/2002 -0500, J. Noel Chiappa wrote:
>     > From: "David P. Reed" <dpreed at reed.com>
>
>     > there *is* constant pushback against better tools from engineering
>     > folks who seem to think that their operator customers and employers
>     > won't buy into better, more flexible tools at any price, and prefer
>     > to follow the "evil" strategies like .. blocking ports, restricting
>     > "servers", etc.
>
>I'm confused here; in what way are "better tools" (tools to do what?)
>going to stop ISP's from blocking ports and/or restricting servers?
>
>My impression is that although there are a number of reasons for such
>actions (e.g. security - apparently Code Red broke into a number of home
>machines on which the witless owners were running HTTP servers without
>realizing it), that one major reason they are doing that is to
>differentiate levels of service, so they can charge more ("commercial"
>service, some call it) for allowing their customers the privilege (sic) of
>doing such things.
>
>In other words, there are unlikely to be tools that will stop them from
>doing this, since it's something they want to do (and have to go out of
>their way to do). So how are better tools going to improve on that (from
>the point of view of the consumers).
>
>         Noel