by nealmueller
2778 days ago
The author is a middlebox employee (IPS, IDS, Firewall, NAT, WAN optimizers, LBs). Middlebox people want unencrypted transport headers, because they literally profit from unencrypted headers. :) Everyone else, including users, site operators, and software engineers writing network software, prefers that middleboxes not be able to see or tamper with transport headers (for privacy, avoiding bugs, and being able to evolve software). From the original article: "What's wrong with encrypted transport headers? One possible argument is that middleboxes actually serve a critical function in the network, and crippling them isn't a great idea. Do you really want a world where firewalls are unviable? But I work on middleboxes, so of course I'd say that. (Disclaimer: these are my own opinions, not my employer's)." (Credit for this observation goes to my friend NC.)