From: "Perry E. Metzger" <perry@imsi.com>
Date: Tue, 13 Dec 94 06:45:56 PST
To: John Giannandrea <jg@islay.mcom.com>
Subject: Re: IPSP and Netscape
In-Reply-To: <199412130551.VAA10080@islay.mcom.com>
Message-ID: <9412131445.AA12113@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain



John Giannandrea says:
> 
>     Eric Hughes writes:
>      > It may be that IPSP is not the quickest or best way to link
>      > security, but that is not the point I am making here.  The
>      > original denial of IPSP's potential utility was made in
>      > complete ignorance
> 
> Widespread acceptance of IPSP may well make SSL irrelevant.
> I do not believe that anyone at Netscape is claiming otherwise.
> 
> Nonetheless, widespread implementation of IPSP simply does not exist
> at this time.  We need a solution for our customers _today_.

Fine. Widespread implementation of SSL doesn't exist, either. You can
probably deploy IPSP to the bulk of your customers just as fast. The
effort is no different, and the results are better.

Now, maybe I'm wrong -- but how would you guys know, not having even
examined the literature?

> I do not believe that we are either arrogant nor ignorant in creating SSL.

Since you didn't bother to even examine the other alternatives, I'd
say you were ignorant. Since you refused to listen when this was
pointed out, I'd say you were arrogant.

Perry