[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: ports in the clear...

To: "pferguso@cisco.com" <pferguso@cisco.com>, 'Ran Atkinson' <rja@cisco.com>
Subject: RE: ports in the clear...
From: Brad Wilson <crucial@ix.netcom.com>
Date: Tue, 23 Apr 1996 08:59:09 -0400
Cc: "ipsec@TIS.COM" <ipsec@TIS.COM>
Sender: ipsec-approval@neptune.tis.com

>>	I understand that there are folks who want to count packets.
>> However, the _purpose_ of using IPsec is to make it difficult for an
>> adversary to know what is going on.  If a user has turned on IPsec for his
>> traffic, its because the user does not want this information in the clear,
>> else the user would have used upper-layer security services instead of
>> IPsec.

If bean counters want to count traffic, they could always use encrypting
firewalls.  I agree with Ran; don't comprimise the security of the protocol
for bean counters (which is the only "real" argument I've seen).

Brad

--
Brad Wilson, Crucial Software     crucial@ix.netcom.com    +1 (810) 620-9803
Custom software engineering services for Microsoft Windows NT and Windows 95

Prev by Date: Re: ports in the clear...
Next by Date: Re: ports in the clear...
Prev by thread: Re: ports in the clear...
Next by thread: Re: ports in the clear...
Index(es):
- Main
- Thread