Re: Last Call: Security Architecture for the Internet Protocol to

["M.C.Nelson" <netsec@panix.com>]

Steve,

You yourself made the empirical connection between the quantity of code
and likelihood of vulnerability, in your firewall book.  I think your
point there was well taken, and easily justified on simple statistical
considerations.


Regards,
Mitch Nelson



On Tue, 7 Apr 1998, Steve Bellovin wrote:

> 	 
> 	 On Fri, 27 Mar 1998, Scott G. Kelly wrote:
> 	 > 
> 	 > IPSEC as currently spec'd is SSSSEEEECCCCUUURRRREEE.
> 	 > 
> 	 
> 	   Has this been established?  It seems doubtful in view of
> 	   (i) its complexity, and (ii) its explicit support for gateways
> 	   and "trusted networks".
> 	 
> 	   Lets construct a set of ten targets and award a cash prize to the
> 	   first ten hackers to break three of them.
> 
> The weaknesses that have been found thus far -- and the ones I fear in
> IKE -- have been in the cryptographic protocols.  I've never yet seen
> a hacker attack one of those -- it's an arcane skill, and difficult
> for even the best cryptographers.
> 
> However -- cryptography is not equivalent to security.  An ipsec channel
> between a hacker and, say, an old version of sendmail will not protect
> you.
>

---

References:

• Re: Last Call: Security Architecture for the Internet Protocol to
• From: Steve Bellovin <smb@research.att.com>

---

• Prev by Date: Re: Last Call: Security Architecture for the Internet Protocol to
• Next by Date: Re: Last Call: Security Architecture for the Internet Protocol to
• Prev by thread: Re: Last Call: Security Architecture for the Internet Protocol to
• Next by thread: Re: Last Call: Security Architecture for the Internet Protocol to
• Index(es):
  • Main
  • Thread