[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPv6 Security Last Call Initial Questions

bound@zk3.dec.com says:
> where are the banks going to use
> ESP for the Internet? )---> thanks (ah a requirement I love them).  And
> what are they doing now without ESP IPSP?

My clients these days are typically investment houses and not
commercial banks. They tend communicate a lot over international
TCP/IP WANs. (I was very amused when a certain ignorant government
official actually claimed in my presense that no one was using "the
internet" for mission critical applications. Maybe they don't use
commercial service providers for them, but loads of people would be
dead without their internets.)

These corporate WANs can, of course, be easily tapped. Right now, tye
typical solution is link encryptors for exposed (i.e. off premises)
legs of the communications networks, but in the long run real safety
requires end to end solutions. In the long run, without end to end
encryption of the ESP sort, these institutions are going to start
facing frequent, er, losses, as a result of inadequate security. As
soon as prototypes of this stuff arrive people like me are going to
start putting enormous pressure on our vendors to supply it. Whether
there is a "MUST" in the document or not isn't going to matter much to
you in the medium term -- Wall Street buys workstations by the