- From: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net>
- Date: Mon, 13 Aug 2001 19:36:25 -0400
- To: jpalme@dsv.su.se
- cc: discuss@apps.ietf.org
Jacob, I don't plan on following this thread in discuss@apps.ietf.org. It was the subject of discussion at the Apps Area Open at IETF-44, at least in its transport aspect. From the end2end-interest list, with permission of the author. Eric ------- Forwarded Message Thread-Topic: [e2e] Fwd: Camel's nose in the tent Thread-Index: AcEkQAUWrIV+7hbwSeOw5h++zDr35AAA9ZLw From: "Christian Huitema" <huitema@windows.microsoft.com> To: <end2end-interest@postel.org> List-Archive: <http://www.postel.org/pipermail/end2end-interest/> Date: Mon, 13 Aug 2001 15:08:30 -0700 The business of filtering based on port numbers is rapidly getting insane: blocking incoming 80, "transparent proxy" of outgoing 80, blocking 25... I think we should rewrite the browsers and SMTP agents to use alternate ports, picked more or less at random. In fact, we already have the tools to do that with the SRV records. I can think of a filter-breaker that will first try to access www.example.com:80, and if that breaks for any reason, try to resolve "_http._tcp.www.example.com IN SRV" -- et voila, alternate port number, filtering is defeated... Same could work for mail, etc. - -- Christian Huitema ------- End of Forwarded Message
Received on Tuesday, 14 August 2001 10:00:17 UTC