[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
No Subject
Steve Kent says:
> As for bulk encryoption, rather than end-to-end, that is the
> general form of what Phil seems to be arguing, i.e., that encryption
> of traffic between sites is easier than authentication implemented on
> an end system basis, because of reduced management burdens. While
> that observation is true, the resulting functionality, is not the
> same, even if the inter-site encryption is accompanied by
> authentication at the same granularity. For some contexts this
> approach could be quite effective, e.g., if one were atte,tping to
> build a private corporate Internet on top of a public Internet.
> However, in a more general environment, the wide range of
> communicating partners makes inter-site encryption less effective
> (compared to end-to-end authentication).
I see no reason to believe this, and good reason to believe the
contrary given good key management protocols.
Perry
Follow-Ups: