[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SSL v IPSEC for management?

To: "'Waters Stephen'" <stephen.Waters@cabletron.com>
Subject: RE: SSL v IPSEC for management?
From: Steven Lee <slee@cygnacom.com>
Date: Tue, 26 Jan 1999 08:47:32 -0500
Cc: "Ipsec (E-mail)" <ipsec@tis.com>
Sender: owner-ipsec@ex.tis.com

Stephen,

There are some trade-offs in using the SSL; however, one of the top
issue would be that a client cannot authenticate the server.  Therfore,
a server could someone pretending to be a trusted party and there is no
way for the client to authenticate this information.  You can also find
more information in the following web sites:

http://www.consensus.com/security/ssl-talk-faq.html

You can also find the 3.0 standard in

http://home.netscape.com/eng/ssl3/3-SPEC.HTM#4   

Steven Lee
Senior Security Engineer
CygnaCom Solutions
slee@cygnacom.com

> -----Original Message-----
> From:	Waters Stephen [SMTP:stephen.Waters@cabletron.com]
> Sent:	Monday, January 25, 1999 5:09 PM
> To:	ipsec@tis.com
> Subject:	SSL v IPSEC for management?
> 
> 
> Hi,
> 
> Does anyone have any details on the good/bad points of using SSL to
> protect
> management flows between a management station and a security gateway?
> Is
> SSL exposed to replay attacks for instance?  Any web-page pointer on
> the
> subject?
> 
> Thanks, Steve.
> 
> Stephen Waters
> Devon, UK
> 
> Tel:
> National            01548 551012  or 550474
> International  44  1548    "         or     "
> Stephen.Waters@Cabletron.com

Follow-Ups:

Re: SSL v IPSEC for management?

From: marcvh@aventail.com (Marc VanHeyningen)

Prev by Date: RE: SSL v IPSEC for management?
Next by Date: Questions on CERT payload
Prev by thread: RE: SSL v IPSEC for management?
Next by thread: Re: SSL v IPSEC for management?
Index(es):
- Main
- Thread