| To: | <cipe-l,AT,inka,DOT,de> |
| Subject: | RE: CRC32 - thoughts on Gutmann response |
| From: | "Joseph Jamieson" <jjamieson,AT,futurefoundations,DOT,com> |
| Date: | Fri, 26 Sep 2003 01:47:16 -0400 |
| Thread-index: | AcOD3x4n/yREU0FWRIW2QumKmGCyHAADulVQ |
| Thread-topic: | CRC32 - thoughts on Gutmann response |
> I'd expect it to be a while before a fixed, usable version is released. To more people then you would think, security just isn't a major factor. Cipe is very easy to install and run, it's solid as a rock, and it includes some good encryption. Not to mention it's nice and fast. It's not the perfect security model, but for a good many people, it Just Works. At my company, we have set up cipe between many small offices quite successfully. They do e-mail and other such things over it, usually with low end DSL lines and cable modems. Heavy duty unbreakable security just isn't too important; if someone is going to spend enough time to crack the session and read the data, they'd see a whole lot of nothing. If someone could come up with a VPN that was as firewall friendly, fast, and as easy to set up as cipe, but with all the latest and greatest security measures, great! If not, I'll still use it, at least until all the theory is proven and someone actually cracks cipe. Ps. "Whenever someone thinks that they can replace SSL/SSH with something much better that they designed this morning over coffee..." Nobody said cipe was a replacement for SSL/SSH. What an ignorant bastard.