[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Fw: IPSec vs. SSL
IPSec's advantage over SSL: It has more
flexibility on choosing the authentication mechanisms (like the PreSharedKey),
and therefore makes it difficult for the attacker to do man in the middle.
SSL is based only on public key and with tools (like dsniff2.3), its possible to
do man in the middle breaking SSL.
SSL's advantage over IPSec: In SSL, the client and
the server exchage * hash * over the "initial handshake" and therefore is
difficult for an attacker to control (change the proposals that the client
has sent so that the server chooses the proposals that attacker sends or
whatever) the main mode "initial" handshake.
More discussion on this would be enlightening and
appreciated.
----- Original Message -----
Sent: Saturday, December 16, 2000 5:30
PM
Subject: Re: IPSec vs. SSL
Are there any situations where it is useful to
have IPSec in addition to SSL?
Follow-Ups: