<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: "Hans Steegers" <steegers,AT,steegers,DOT,nl>
Subject: Re: What do you guys think about this?
From: "Dick St.Peters" <stpeters,AT,NetHeaven,DOT,com>
Date: Tue, 23 Sep 2003 11:56:23 -0400
Cc: "CIPE-list" <cipe-l,AT,inka,DOT,de>
In-reply-to: <000401c381c7$70550180$d620a8c0@pcw_hans.hnsasd.priv>
References: <000401c381c7$70550180$d620a8c0@pcw_hans.hnsasd.priv>

Hans Steegers writes:

> 1. CIPE is NOT "Linux's answer to MS-PPTP". CIPE claims to be "a protocol
> for ultra lightweight IP encryption". No more, no less.

This is the heart of the issue.  The problem here is one of lost
context.  Crypto people are the bank vault designers of the software
world; in their context if a door isn't a meter of tempered steel
alloy it isn't a secure door.  That's fine for bank vaults, but it's
more than a little silly for, say, apartment doors.  You want an
apartment door that doesn't crush the building.

A VPN should provide security that's good enough.  If you're dealing
with state secrets or billions of dollars, CIPE is not good enough.
However, if you do business over ordinary phone lines and first class
mail, then using CIPE will make your VPN vastly more secure than the
rest of your operation, without consuming a lot of resources or
making things more complex than necessary.

--
Dick St.Peters, stpeters,AT,NetHeaven,DOT,com 


<< | Thread Index | >> ]    [ << | Date Index | >> ]