IPP Mail Archive: Re: IPP> Notifications

Re: IPP> Notifications

Larry Masinter (masinter@parc.xerox.com)
Wed, 4 Feb 1998 18:20:04 PST

> UDP has no more firewall or proxy problem than TCP, given any arbitrary
> port number.
> The issues are the same for both.

Is this a "first principles" argument? That is, are you speaking from experience
with firewall developers and maintainers, or is it just based on reasoning
about the nature of the protocols? What I have heard, both from
local firewall maintainers at Xerox and more generally in discussions of
firewall issues in other Internet protocols, is that there's
a substantial difference in the considerations of a site allowing
inbound UDP packets, allowing TCP connections with known semantic
content, and allowing inbound HTTP posts with well known data content.

Perhaps you have some different data that you could share with us?

Larry

-- 
http://www.parc.xerox.com/masinter