Re: What do you guys think about this?
Damion Wilson <dwilson,AT,ibl,DOT,bm>
Tue, 23 Sep 2003 00:20:54 -0300
Alright. I've just seen this on Slashdot and a few things pissed me off:
1. CIPE has apparently been declared a "dead" project.
2. The cursory analysis by Peter Gutmann appears to have missed subtle
For instance, CIPE primarily using Blowfish (and not IDEA).
3. The apparent zeal with which all non IPSec or SSL implementations are
attacked as basically infantile and not worth entertaining smacks of
4. Some issues are stated as being known "years ago" and ignored. I don't
recall the issues he raises as having crossed my 5 year participation on this
list, the "man in the middle" vulnerability notwithstanding. We appear to
have voted for simplicity in this regard, correct me if I'm wrong. It's
easier to believe that your ISP isn't out to get you.
If Mr. Gutmann had bothered to peruse the mailing list archives (the link was
right on the same page as the protocol description), he might have had the
chance to determine what was important to the userbase and, instead of
declaring CIPE, Tinc, OpenVPN, et al. "dead", he might have realised what was
important enough to them to specifically eschew IPSec, etc. in choosing our
specific flavours of VPN.
He deems us stupid and foolhardy for making the decision to use these
products, develop for them, and show loyalty to them in the face of software
and techniques that he prefers. Apparently, we're all a bunch of idiots and
it only took him a 30 minute or more analysis for him to determine it, and
the other projects weren't as lucky. Let's all remember the Andrew Tanenbaum
v Linus Torvalds "discussion" over the relative technical merits of Minix
I'm still pissed. I need to rant some more later.

I'd like to know if Olaf has anything to say about it, though. Peter Gutmann
apparently attempted to contact him.

On Monday 22 September 2003 08:57 pm, Groups wrote:
> I've been using CIPE for over a year now, and my boss just forwarded this
> link, http://www.mit.edu:8008/bloom-picayune/crypto/14238, to a posting
> about the security of CIPE. Does anyone have any arguments that may help
> me out?