From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 13 Dec 94 10:50:13 PST
To: kipp@warp.mcom.com (Kipp E.B. Hickman)
Subject: Re: IPSP and Netscape
In-Reply-To: <9412131807.AA18482@warp.mcom.com>
Message-ID: <9412131849.AA12640@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



Kipp E.B. Hickman says:
> I'm sorry you are so upset. :-(
> 
> IPSP was not in my vocabulary at the time of the first posting. Ignorance
> was briefly bliss :^)

My complaint about Netscape is that you guys haven't been reading
about what others have done. I understand your desire to get things
done quickly, but you are making assumptions about whats out there and
what works that aren't warranted.

> However, regardless of whether or not extant hardware is reusable,
> there is still the not so small matter of software. Software for PC's,
> MAC's and a host of UNIX machines before a workable secure network can
> be constructed.

Certainly. SSL would also require software for all those platforms --
its no different in this regard.

> Finally, I never said that "SSL is better than anything out there". I
> don't know who did. All I said is that "SSL is something", which isn't
> really saying much. SSL is A solution to A set of problems, namely
> privacy and authentication.

Privacy and authentication are also provided by IPSP. However, IPSP
provides all sorts of advantages -- immunity from traffic analysis, no
requirement to change the way an application operates to start using
it, protection of the entire IP stack (not just TCP sockets), very
minimal changes required to applications that want to use the
information provided by the IPSP layer for authentication (and no need
to change your read or write calls or anything), etc, etc, etc.

Perry