BBC News - 'Fresh proposals' planned over cyber-monitoring

Ian Batten igb at
Wed May 15 16:13:25 BST 2013

On 14 May 2013, at 20:38, Florian Weimer <fw at> wrote:

> * Ian Batten:
>> On 13 May 2013, at 18:45, Florian Weimer <fw at> wrote:
>>> Similarly, I don't think we want our fridges to be reachable from the
>>> public Internet at large, just because it happens to have an IPv4
>>> address for our own (personal) use.
>> I don't buy that argument.  It's trivially easy for routers to have
>> a default-block firewall rule with outbound state tracking, which
>> mimics the security semantics of NAT.
> And with such filtering, end-to-end reachability between arbitrary
> devices who haven't got a previous relationship is just not possible.

Sorry, could you explain that?  How does NAT differ from stateful firewalling?


More information about the ukcrypto mailing list