TLS vs. IPsec (Was: Re: experiments in the ietf week)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Phillip, Iljitsch,
 
> If you beleive that there is an attack that SSL is vulnerable to you
> should bring it up in TLS.

I think Iljitsch meant that TLS cannot protect against TCP
vulnerabilities, such as spoofed connection resets. This is obviously
well known.

The upside of TLS has of course been that its been extremely easy to
deploy. That's the experiment the planet has been running for the last
decade, and I think the results speak for themselves ;-)

Now, if we had a proposal that turned IPsec into as easily deployable
between random clients and known servers as TLS, I would be interested
in a new experiment! But I did not see a proposal for that yet. Maybe
time for that draft that Phillip suggested in another thread, Iljitsch?

Jari

_______________________________________________
IETF mailing list
IETF@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]