From: eric@remailer.net (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: c2b568fc6bc69b180b07431d6272ce69ab2d24fd9dea5c0d9825ee05c8ffb437
Message ID: <199412130302.TAA00871@largo.remailer.net>
Reply To: <9412121508.ZM17611@warp.mcom.com>
UTC Datetime: 1994-12-13 02:04:14 UTC
Raw Date: Mon, 12 Dec 94 18:04:14 PST
Subject: IPSP and Netscape

I've tried really hard to stay out of this, but this one is just too much.

The question is about IPSP, the swIPe-like IP level security protocol.

   From: "Kipp E.B. Hickman" <kipp@warp.mcom.com>

   Name one router that speaks the secure protocols you are
   documenting? Name one PPP based bridge that does? Show me, today,
   what percentage of the Internet is covered by these standards?

   [ ... later ... ]

   My company's network hardware is typical. It is filled with
   expensive devices that don't understand IPSP or IPNG. In fact, most
   of the world is constructed this way.

The protocol does IP-within-IP encapsulation, which means that every
single router deployed is able to carry the secured traffic.

Now, this is not so egregious an error by itself (it is, but I'm being
polite), but coupled with the claims that SSL is better than anything
else out there, I see an argument from chauvinism rather than one from
knowledge.

Since IPSP works at the IP level rather than at the TCP level there
are protocol stacks that have to change. This is not immediate. It
may be that IPSP is not the quickest or best way to link security, but
that is not the point I am making here. The original denial of IPSP's
potential utility was made in complete ignorance, ignorance so great
to lack even the most basic understanding of the subject at hand.

I cannot trust abbreviated arguments from such a source. I can,
however, examine ones which are complete and well thought out and
demonstrate some understanding of tradeoffs.

Eric
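
Added example, not part of the original message and not code from IPSP or swIPe: a sketch of the IP-within-IP point made above, in which a router that knows nothing about the security protocol forwards a protected packet by reading only the outer header. Assumptions: protocol number 253 (an RFC 3692 experimental value) stands in for the security protocol, toy_protect is a placeholder for a real cipher, and all addresses, keys and the exact-match route table are constructed.

```python
import hashlib, socket, struct

PROTO_PLACEHOLDER = 253  # assumption: RFC 3692 experimental number, not IPSP's real value

def checksum(hdr: bytes) -> int:
    """RFC 1071 Internet checksum; returns 0 over a header whose checksum is valid."""
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def set_checksum(hdr: bytes) -> bytes:
    zeroed = hdr[:10] + b"\x00\x00" + hdr[12:]
    return zeroed[:10] + struct.pack("!H", checksum(zeroed)) + zeroed[12:]

def ipv4_packet(src, dst, proto, payload, ttl=64) -> bytes:
    """Minimal IPv4 packet: 20-byte header, no options, no fragmentation."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return set_checksum(hdr) + payload

def toy_protect(data: bytes, key: bytes) -> bytes:
    """Stand-in for the real cipher (XOR with a SHA-256 keystream, no
    authentication). Illustrative only; applying it twice undoes it."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def encapsulate(inner: bytes, gw_src: str, gw_dst: str, key: bytes) -> bytes:
    """Security gateway: protect the whole inner packet, add a plain outer header."""
    return ipv4_packet(gw_src, gw_dst, PROTO_PLACEHOLDER, toy_protect(inner, key))

def decapsulate(outer: bytes, key: bytes) -> bytes:
    return toy_protect(outer[20:], key)

def legacy_forward(packet: bytes, routes: dict):
    """Router with no knowledge of the security protocol: it reads only the
    outer header. Exact-match routes are a simplification of prefix lookup."""
    hdr, ttl = packet[:20], packet[8]
    dst = socket.inet_ntoa(hdr[16:20])
    if checksum(hdr) != 0 or ttl <= 1 or dst not in routes:
        return None  # drop: bad header, expired TTL, or no route
    hdr = set_checksum(hdr[:8] + bytes([ttl - 1]) + hdr[9:])
    return routes[dst], hdr + packet[20:]

if __name__ == "__main__":
    key = b"constructed demo key"
    inner = ipv4_packet("10.1.0.5", "10.2.0.9", 6, b"constructed payload")
    outer = encapsulate(inner, "192.0.2.1", "198.51.100.1", key)
    port, fwd = legacy_forward(outer, {"198.51.100.1": "eth1"})
    print(port, fwd[8], decapsulate(fwd, key) == inner)
```

Only the two gateways run encapsulate and decapsulate; the router in between changes nothing but the outer TTL and checksum.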