[907] in cryptography@c2.net mail archive
SSL Proxy, X.509, transport encryption, etc.
daemon@ATHENA.MIT.EDU (Matthew James Gering)
Tue May 27 12:56:12 1997
From: "Matthew James Gering" <mgering@ricochet.net>
To: "Cryptography" <cryptography@c2.net>
Date: Sun, 25 May 1997 16:34:50 -0700
I am looking for information, feedback and referrals about the use
encrypting proxies, hardware encryption, and transport layer security in an
Ecommerce application.
The only encrypting proxy I've found thus far is Stronghold Proxy Server.
But it is not yet available and details are scarce.
http://www.c2.net/products/stronghold-proxy/
I am intended on using to distribute computing resources -- proxy will be
dedicated and optimized for encryption, perhaps with hardware acceleration
-- and to have a secure machine handling session encryption (severely
locked down Unix or CMW+).
Encrypting proxy will need to handle client X.509 certificates for
authentication, and pass certificate information back to the web servers.
Border Router (w/ filters)
/ \
smtp ssl
/ \
smtp encrypting
proxy ssl proxy
| |
Secure Internal LAN (w/ transport layer authentication/encryption)
As far as hardware encryption acceleration, the only product I've found is
Crypto Swift Are there other similar products out there? How beneficial are
they in the real world, on a large SMP machine, and in parallel?
http://isg.rnbo.com/products/specs.htm
For transport layer security within the network I've looked at both IPsec
and Hannah. Does one have an advantage over the other in this application,
other than the latter is available now and the former is still work in
progress. What is the timeframe for IPsec deployment?
http://www.ietf.org/html.charters/ipsec-charter.html
http://www.secureware.com/products/hannah/
Thanks for your feedback,
Matt
