Bill Husler <bhusler @
community .
net> writes:
> I've been being told that most companies are piling their resources
> (buck) on the authentication and not using traffic encryption because
> they feel that session assumptions is really more difficult that one
> would be lead to believe and encryption represents considerable overhead.
Any decent PC should be able to run DES much faster than the internet feed
can take the bits (not that this is really saying much). DES is well
understood, and IPSec clearly defines what is needed. Look for several
implementations being interoperability-tested soon.
The real problem is the ITAR. If I have to sell my foo-widget IP stack
for Windoze for $159, I can't afford to license each copy. However, I can
probably implement IPSec with only MD5 and photurus, and sell it shrink-
wrapped in Berlin.
It's not a technical (or performance) issue.
--
- Ted
--------------------------------------------------------------------------
Ted Doty, Network Systems Corporation | phone: +1 301 596-2270
8965 Guilford Road, Suite 250 | fax: +1 410 381-3320
Columbia, MD, 21046 USA | voice mail: (800) 233-1485
--------------------------------------------------------------------------
The opinion expressed in this message is fictitious. Any resemblence to
real opinions, living or dead, is purely coincidental.
|
|
