[14595] in cryptography@c2.net mail archive
Re: Open Source (was Simple SSL/TLS - Some Questions)
daemon@ATHENA.MIT.EDU (Ng Pheng Siong)
Thu Oct 9 21:03:55 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 10 Oct 2003 00:08:58 +0800
From: Ng Pheng Siong <ngps@netmemetic.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
Cc: arcanejill@ramonsky.com, cryptography@metzdowd.com,
iang@systemics.com, rsalz@datapower.com
In-Reply-To: <200310081256.h98Culd04557@cs.auckland.ac.nz>
On Thu, Oct 09, 2003 at 01:56:47AM +1300, Peter Gutmann wrote:
> I would add to this the observation that rather than writing yet another SSL
> library to join the eight hundred or so already out there, it might be more
> useful to create a user-friendly management interface to IPsec implementations
> to join the zero or so already out there. The difficulty in setting up any
> IPsec tunnel is what's been motivating the creation of (often insecure) non-
> IPsec VPN software,
Still coming back to SSL, it seems SSL VPNs are getting bigger: just got a
press release that some big firewall vendor (who has an IPsec appliance
product) has acquired some (big?) SSL VPN appliance vendor.
I believe SSL VPNs are easier than IPsec to deploy and operate for the road
warrior accessing corporate resources. This may eventually restrict IPsec's
utility to site-to-site tunneling (useful when, e.g., one wishes to run
OSPF over the tunnel), which _should_ be far easier to configure without
needing the help of some whizbang AI.
--
Ng Pheng Siong <ngps@netmemetic.com>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
