I seriously doubt that any vendor would sell a product under the category "Middle Boxes". Middlebox is an abstraction (see RFC 3234?). Certain broadband access devices (oh, my, the acronym "BAD" applies here!) are real world implementations of that abstraction. At the consumer/broadband level, precision with respect to technical language is wholly disregarded in favor of something familiar (router or firewall, in this case, and remarkably so) or something that sounds impressive (the NetScream TurboAccess Millenium 4000 FX). Patrik Fältström wrote:
On 26 feb 2008, at 11.18, Stephane Bortzmeyer wrote:
If they mess with DNS data, they are not routers (a layer 3 device, neutral with respect to the content), they are middleboxes (a layer 1 to 9 device, able to break anything).
Well, it is more complicated than that. Many people do think that NAT boxes are layer 3 devices, and if you have a double-nat mechanism then "messing around with DNS packets" is a needed feature. Sure, then one start walking from layer 3 towards layer 9.... But...
Anyway, this is not when we should fight about wording. We all know what we talk about, and I think we should thank Patrik and others what they have done.
Patrik
############################################################# This message is sent to you because you are subscribed to the mailing list <dnssec-deployment@shinkuro.com>. To unsubscribe, E-mail to: <dnssec-deployment-off@shinkuro.com> A public archive is available here: <http://mail.shinkuro.com:8100/Lists/dnssec-deployment/> and older material is at <http://mail.shinkuro.com:8100/Lists/dnssec-deployment-archive/>