[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Bruce Schneier on IPsec
At 09:16 AM 2/3/2000 -0500, Mr. Anderson wrote:
>Building a very secure tunnel mode first, which
>is easily managed, sustainable, and not subject to every
>future kiddie script-style hack is 'key'.
I have thought about this for over a year and have realized this was one of
our design FLAWS.
We designed for gateways instead of end systems. End systems don't need
tunnels, they only need warpping. In part we took this approach because,
'it will take too long to update the end systems'. But proxy services
could have handled this in the interim.
Now we have and industry of gateway systems that need technology that
advances their core business models.
The trick is how to rebuild the bridge while using it.
Robert Moskowitz
ICSA
Security Interest EMail: rgm-sec@htt-consult.com
References: