[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSec Complexity
On Fri, 18 Feb 2000, Dan Harkins wrote:
> ...So now have come full
> circle when the solution to address the security problems (and still
> have tunneling and still get rid of one mode) is more complex than the
> original tunneling design.
Have we ever seen the vaguely-alluded-to explanation of why getting rid of
*transport* mode, and just doing everything with tunnel mode, would be a
horrible error? (Aside from the question of whether it is practical to
delete a mode this late in the game, which is a different can of worms.)
Henry Spencer
henry@spsystems.net
Follow-Ups:
References: