[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ???????????????

To: ipsec@lists.tislabs.com
Subject: Re: ???????????????
From: Paul Hoffman <paul.hoffman@vpnc.org>
Date: Tue, 08 Feb 2000 21:16:11 -0800
In-Reply-To: <01E1D01C12D7D211AFC70090273D20B102A1CC1C@sothmxs06.entrust.com>
Sender: owner-ipsec@lists.tislabs.com

At 08:20 PM 2/8/00 -0500, Greg Carter wrote:
>Paul I could easily spin each of your observations into something positive,
>point out the places where you are wrong, and drag this into a 1000 post
>thread.

Thanks for starting it this way. :-)

>   But instead I'll just ask, what were you thinking?

Of telling the readers who assume that their VPN box from vendor A will 
automatically be able to work with their CA software from vendor B that the 
truth is actually "it might work, it might not". People like to know these 
things, and they understand that they aren't going to hear it from 
individual vendors for obvious reasons.

>   I mean even if
>you really believe the VPN-PKI world is askew is this the best way for a
>consortium to encourage adoption of its technology?

Yes. It brings pressure on VPN vendors and CA vendors to work harder at 
interoperability in this very important area. It also shows where we have 
had success so far. If you can think of a better way to get VPN vendors and 
CAs to follow the standards better, by all means act on it. As we all saw 
at San Diego, the problems in the VPN-PKI area are widespread but by no 
means universal.

>   I know Entrust is not a
>member, so I guess I missed the meeting where you explained how bad press
>helps.

It's not bad press. No one is going to decide not to buy a VPN or a CA 
because of the article. They may shop harder or postpone until their 
preferred vendor adds needed interoperability; both those actions lead 
directly to happier customers.

Also, VPNC had a meeting on Tuesday night of the bakeoff which was open to 
all bakeoff companies, members and non-members alike. There were plenty of 
non-members there, many taking notes.

>Not to mention bakeoff etiquette.

Um, I don't see where I've even gotten close there. I mentioned no 
companies by name, not even hinting. No one reading the article could even 
start to determine which CAs or which VPN vendors did what, or will do what 
in the future. The numbers could easily have been done by polling just VPNC 
members or implementors on this list.

In short, no one is helped by hiding general industry lack of 
interoperability as long as there is something customers can do about it 
(like choosing carefully). It is always a good idea to be honest with 
customers about potential problems before they buy sets of products so that 
the customers get what works for them.

--Paul Hoffman, Director
--VPN Consortium

References:

???????????????

From: Greg Carter <greg.carter@entrust.com>

Prev by Date: ???????????????
Next by Date: Re: ???????????????
Prev by thread: ???????????????
Next by thread: Re: ???????????????
Index(es):
- Main
- Thread