From: "Perry E. Metzger" <perry@imsi.com>
Date: Thu, 26 Jan 95 15:55:08 PST
To: Thomas Grant Edwards <tedwards@src.umd.edu>
Subject: Re: CERT statement
In-Reply-To: <Pine.SUN.3.91.950126142119.21338C-100000@thrash.src.umd.edu>
Message-ID: <9501262354.AA17806@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Thomas Grant Edwards says:
> Is it my imagination, or is CERT just trying to firewall up the internet 
> into uselessness?

No, they are trying to protect people. I'm about the biggest critic of
CERT out there, but I don't disagree with what they said -- although
its insufficient.

> What we need to concentrate on is secure systems that are not vulnerable 
> to IP spoofing, as opposed to firewalls.

The only way to do that is cryptographic security. See draft-metzger-*
in the nearest internet drafts repository.

> But of course, more firewalls makes more free transfer of information 
> across the internet more difficult.

No they don't. I'm talking across one right now. I barely if ever
notice it.

> perhaps this is what the government is interested in reducing.

Please confine the paranoia to places where it is justified. Firewalls
are a good and important thing.

Perry