Firewalls: Re: swIPe abstract (was Re: raptor encryption)

Firewalls
(July 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: swIPe abstract (was Re: raptor encryption)
From:	peter @ baileynm . com (Peter da Silva)
Date:	Mon, 21 Jul 1997 08:42:29 -0500 (CDT)
To:	dave @ nic . com (Dave Wreski)
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	<Pine . GSO . 3 . 95q . 970720220542 . 11510C-100000 @ nic . com> from "Dave Wreski" at Jul 20, 97 10:09:42 pm

> > Oh yes. IPsec is really taking off like wildfire, isn't it?

> Humorous, but care to speculate as to why it isn't wide-spread at this
> point?

A freely available good-enough implementation is better than an ideal
implementation that requires application changes.

> Is ssh the alternative these days?

ssh is good-enough. It's not a true IP tunnel, like swIPe or AltaVista/PPTP/...
it's more like a distributed proxy arrangement. But for a lot of purposes
that's as good, and for others it's even better for the same reason that a
proxy is easier to implement securely than a packet filter.

swIPe could possibly do the job, if a standard for wrapping RSA or D-H key
exchange over its private-key encryption model could be agreed on.

Follow-Ups:

Re: swIPe abstract (was Re: raptor encryption)
From: Geoff Mulligan <geoff @ mulligan . com>

References:

Re: swIPe abstract (was Re: raptor encryption)
From: Dave Wreski <dave @ nic . com>

Indexed By Date	Previous:	(no subject) From: "Michael J. Daveler" <mike @ advanced-info . com>
Indexed By Date	Next:	Re: swIPe abstract (was Re: raptor encryption) From: mikech @ avana . net
Indexed By Thread	Previous:	IPSEC Key Exchange (was Re: swIPe abstract) From: Leonard Miyata <leonard @ geminisecure . com>
Indexed By Thread	Next:	Re: swIPe abstract (was Re: raptor encryption) From: Geoff Mulligan <geoff @ mulligan . com>