> From: Melinda Shore <melinda.shore@xxxxxxxxx>
> The focus really needs to be on producing good, secure protocols
The majority of intrusions now seem to be exploiting bugs (and in some cases
bad configurations) in the end-hosts; protocol security flaws are rarely the
problem. This makes sense, as there's a lot more code in the applications
(i.e. places for bugs which can be exploited) than there is in the protocol
itself.
Firewalls do help, and so it's worth spending some time on doing a good job
to make them effective while yet being flexible. But let's not kid ourselves
that anything we can do will totally solve the problem.
Noel
_______________________________________________
Ietf mailing list
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf