Duane wrote:
> Alex Bligh wrote:
>>> Because various NAT/PAT gateways put all the possible and impossible
>>> modificaitons on certain, including DNS, packets that there is virtually
>>> no directness expected.

>> I am guessing this is a very common SoHo configuration though.

> Has anyone stopped to ask how much effort/emphasis should really be
> spent trying to protect end users?
> People perpetrating attacks on the internet still pay attention to the
> principals of economics, that is getting the most benefit from the least
> amount of work.
> For what it's worth, I think the real focus here should be ISP
> resolvers, not home users. Not to mention this should be a simpler
> problem to solve for a number of reasons.
> It seems to me that there is an excessive amount of attention being paid
> to protect what is potentially 1 machine in most cases.

This problem does not only affect home users.

http://www.apache-ssl.org/ben.html http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.