"Tony Hain" <alh-i...@tndh.net> wrote: > Actually nat does something for security, it decimates it. Any 'real' > security system (physical, technology, ...) includes some form of audit > trail. NAT explicitly breaks any form of audit trail, unless you are the one > operating the header mangling device. Given that there is no limit to the > number of nat devices along a path, there can be no limit to the number of > people operating them. This means there is no audit trail, and therefore NO > SECURITY.
So an audit trail implies security? I don't agree. It may make post-mortem analysis easier, thou. Does end-to-end crypto break security? Which security? The security of the endpoints or the security of someone else who cannot now audit the communication in question fully? > Tony --Johnny
