<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: Re: What do you guys think about this?
From: Mailing Lists <groups,AT,hasely,DOT,com>
Date: Mon, 22 Sep 2003 21:16:02 -0700
In-reply-to: <09bb01c38186$5e6d2d80$1401010a@berrex.com>

How about some ranting, and raving on Slashdot.?

On Monday, September 22, 2003, at 08:54 PM, Russell Berry wrote:

yeah, pissed me off too. But you hit the nail on the head with infantile in
the same paragraph with Gutmann. Rant away....


---russ

Russell Berry
Berrex Computer Solutions
http://www.berrex.com
Russ,AT,berrex,DOT,com
1-877-558-9507
----- Original Message -----
From: "Damion Wilson" <dwilson,AT,ibl,DOT,bm>
To: "Groups" <groups,AT,hasely,DOT,com>
Cc: <cipe-l,AT,inka,DOT,de>
Sent: Monday, September 22, 2003 11:20 PM
Subject: Re: What do you guys think about this?


Alright. I've just seen this on Slashdot and a few things pissed me off:

1. CIPE has apparently been declared a "dead" project.

2. The cursory analysis by Peter Gutmann appears to have missed subtle
things.
For instance, CIPE primarily using Blowfish (and not IDEA).

3. The apparent zeal with which all non IPSec or SSL implementations are
attacked as basically infantile and not worth entertaining smacks of
patronising.


4. Some issues are stated as being known "years ago" and ignored. I don't
recall the issues he raises as having crossed my 5 year participation on
this
list, the "man in the middle" vulnerability notwithstanding. We appear to
have voted for simplicity in this regard, correct me if I'm wrong. It's
easier to believe that your ISP isn't out to get you.


If Mr. Gutmann had bothered to peruse the mailing list archives (the link
was
right on the same page as the protocol description), He might have had the
chance to determine what was important to the userbase and, instead of
declaring CIPE, Tinc, OpenVPN, et al. "dead", He might have realised what
was
important enough to them to specifically eschew IPSec, etc in choosing our
specific flavours of VPN.


He deems us stupid and foolhardy for making the decision to use these
products, develop for them, and show loyalty to them in the face of
software
and techniques that he prefers. Apparently, we're all a bunch of idiots
and
it only took him a 30 minute or more analysis for him to determine it, and
the other projects weren't as lucky. Let's all remember the Andrew
Tanenbaum
v Linus Torvalds "discussion" over the relative technical merits of Minix
over Linux.


I'm still pissed. I need to rant some more later

I'd like to know if Olaf has anything to say about it, though. Peter
Gutmann
apparently attempted to contact him.

DKW
On Monday 22 September 2003 08:57 pm, Groups wrote:
I've been using CIPE for over a year now, and my boss just forwarded
this
link, http://www.mit.edu:8008/bloom-picayune/crypto/14238, to a posting
about the security of CIPE. Does anyone have any arguments that may
help
me out?





--
Message sent by the cipe-l,AT,inka,DOT,de mailing list.
Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive:
<URL:http://sites.inka.de/~bigred/devel/cipe.html>


--
Message sent by the cipe-l,AT,inka,DOT,de mailing list.
Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive:
<URL:http://sites.inka.de/~bigred/devel/cipe.html>



<< | Thread Index | >> ]    [ << | Date Index | >> ]