[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPsec DES slowdown
Terry L. Davis, Boeing Information & Support Services, Bellevue, WA
wrote:
> and using lighter weight cypher solutions to protect less critical
> ones my make sense. If we can't successfully use strong encryption
> on all connections, we'd still like to be able to encrypt all of them
> even if this requires use of lighter encryption forms for some.
I agree -- it's a huge waste to apply the strongest cryptography to
everything that runs through your system. 99% of everything placed on an
internet server is zero-security, public data. Even if you embed
authentication data (eg. signatures) you don't need to make things
totally unreadable unless they deal with private property (i.e. cash,
secrets). To make things unsnoopable, you just need to make it
sufficiently obscure where to snoop. I think you'll get the same atitude
from VISA and mastercard: they have realized that it would cost them
more to implement some stronger protection scheme across the board than
it does to deal with the fraud & stealing.
-graydon <graydon@pobox.com>
_______________________________________________________________________
well...you can study all your cranial anatomy charts and read all the
textbooks, but y'know... once you get inside it all kinda looks the same
Nonono don't touch that -- you never know what it might be attached to
-b.banzai
Follow-Ups:
References:
- Re: IPsec and TCP
- From: "Terry L. Davis, Boeing Information & Support Services, Bellevue, WA" <tld5032@commanche.ca.boeing.com>