On 06 Jun 2001 17:22:26 -0400, Paul D. Robertson wrote:
> On Wed, 6 Jun 2001, Jose Nazario wrote:
>
> That's a keying property though, not a tunnel property. IOW: there's
> nothing in the "tunnelness" that mandates auth, and there's nothing about
> the tunnel that makes a particular mechanism "strong," since it's all
> about key management, and weakly managed keys don't equal strong
> authentication. Add to that the typical failing of ensuring a strong
> encryption boundary on the client (What? Not allow Web access while in a
> tunnel?) and it rolls downhill pretty quickly. Deploy it on 9x where the
> keys are available to all comers and it's dismal.
To properly state your complaint then, you must remove references to
"VPN" and "tunnel" as such, and mention "VPNs or tunnels without well
managed keying or other authentication systems" since its the keying
system that is incorrectly configured, not the tunnels very existance
that causes problems.
--
Michael T. Babcock
CTO, FibreSpeed
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
