[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bellovin's and Ashar's attacks
- To: "Housley, Russ" <housley@spyrus.com>
- Subject: Re: Bellovin's and Ashar's attacks
- From: Theodore Ts'o <tytso@MIT.EDU>
- Date: Fri, 14 Apr 1995 11:49:16 +0500
- Address: 1 Amherst St., Cambridge, MA 02139
- Cc: linehan@watson.ibm.com, smb@research.att.com, rja@bodhi.cs.nrl.navy.mil, Danny.Nessett@eng.sun.com, ipsec@ans.net
- In-Reply-To: Housley, Russ's message of Fri, 14 Apr 95 05:33:17 ,<199504141248.AA16411@interlock.ans.net>
- Phone: (617) 253-8091
Warning! Danger, Will Robinson!
I detect a similar problem to what plagued the PEM working group ----
that is, people are talking past one another because different people
have different ideas about what the protocol is supposed to
accomplished.
Russ brought up the concept of "firewall crypto", saying that it's a bad
idea. Given that I believe firewalls in general are a bad idea, and
that (IMO) IPSEC was supposed to significantly reduce the need for
firewalls, I agree --- but I don't think anyone else was thinking about
doing firewall crypto in recent discussions, either. So where did the
idea of "firewall crypto" come from? We may need to take a step back
and make sure we're all working from the same set of assumptions, as I'm
not so sure that we are anymore.
- Ted
References: