1996-01-23 - Re: IPSEC == end of firewalls (was Re: (fwd) e$: PBS NewsHour, Path Dependency, IPSEC, Cyberdog, and the Melting of Mr.)

Header Data

From: "Perry E. Metzger" <perry@piermont.com>
To: Nelson Minar <nelson@santafe.edu>
Message Hash: f24e16ccb086918e024543a1ed6fe605c1c12754523310db64348917422050db
Message ID: <199601230207.VAA08601@jekyll.piermont.com>
Reply To: <199601230159.SAA00256@nelson.santafe.edu>
UTC Datetime: 1996-01-23 02:08:06 UTC
Raw Date: Mon, 22 Jan 96 18:08:06 PST

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 22 Jan 96 18:08:06 PST
To: Nelson Minar <nelson@santafe.edu>
Subject: Re: IPSEC == end of firewalls (was Re: (fwd) e$: PBS NewsHour, Path Dependency, IPSEC, Cyberdog, and the Melting of Mr.)
In-Reply-To: <199601230159.SAA00256@nelson.santafe.edu>
Message-ID: <199601230207.VAA08601@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Nelson Minar writes:
> I'm all for the end of ridiculous non-TCP/IP protocols, but does
> anyone believe this point about encrypted IP traffic eliminating the
> need for firewalls?

There is division in the IETF community on this point.

Phil Karn (who I have the greatest respect for) thinks IPSEC means we
can get rid of the firewalls. I, for one, don't -- they are there
largely because people don't trust that their networking software is
free of security holes, and cryptography doesn't fix security holes
for the most part.

Perry




