RE: 10 years and no ubiquitous security

2002-03-19 Thread Michael Choung Shieh
len Simpson Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: 10 years and no ubiquitous security Sigh. I knew I shouldn't have put a dollar figure in my response. Michael you have to take those reports with a grain of salt, dollar amounts tend to be meaningless. At the risk of gettin

RE: 10 years and no ubiquitous security

2002-03-19 Thread Alex Alten
>some large deployment issues. > >Michael Shieh > >-Original Message- >From: Alex Alten [mailto:[EMAIL PROTECTED]] >Sent: Monday, March 18, 2002 5:26 PM >To: Steven M. Bellovin; William Allen Simpson >Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] >Subject: Re: 1

RE: 10 years and no ubiquitous security

2002-03-19 Thread Michael Choung Shieh
[mailto:[EMAIL PROTECTED]] Sent: Monday, March 18, 2002 5:26 PM To: Steven M. Bellovin; William Allen Simpson Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: 10 years and no ubiquitous security [... skip...] It seems to have decided, IPsec has settled into a fairly modest VPN market niche

Re: 10 years and no ubiquitous security

2002-03-19 Thread Alex Alten
At 10:18 AM 3/18/2002 -0600, Steven M. Bellovin wrote: >In message <[EMAIL PROTECTED]>, William Allen Simpson writes: >>"The Purple Streak (Hilarie Orman)" wrote: ... > >But Bill, I'm trying to understand what your point is. We can't force >people to use security. IPsec is standard in most major

Re: 10 years and no ubiquitous security

2002-03-18 Thread The Purple Streak (Hilarie Orman)
William Allen Simpson <[EMAIL PROTECTED]> said: It was certain members of the WG who insisted we didn't need the counter. At least one has admitted he was wrong. Are you ever going to admit you were? I didn't realize that a call for admission had been previously issued. Sure, I was wr

Re: 10 years and no ubiquitous security

2002-03-18 Thread Dan McDonald
> I set up VPN over IPSEC on a national academic network with 40mbit backbone > and 10/100 mbit site linkspeeds. the best end-to-end performance I could get > was 2mbit rising to 3-4 burst, and I was flooded by fragmented IP. You should try (again?) a more modern implementation. > Stuff like pMT

Re: 10 years and no ubiquitous security

2002-03-18 Thread William Allen Simpson
"Steven M. Bellovin" wrote: > > In message <[EMAIL PROTECTED]>, William Allen Simpson writes: > Right. The only copy I could find was from 1996, but I don't think > that that difference is important. > (http://www.watersprings.org/pub/id/draft-simpson-ipsec-enhancement-00.txt) Remember, the WG

Re: 10 years and no ubiquitous security

2002-03-18 Thread William Allen Simpson
RJ Atkinson wrote: > > On Saturday, March 16, 2002, at 08:01 , William Allen Simpson wrote: > >> ... I didn't happen to be at that ad-hoc meeting > >> in San Diego, so I wasn't influenced by it > > > > No, but you were at the meetings where swIPe was demonstrated -- > > ACTUALLY DEMONSTRATED -- a

Re: 10 years and no ubiquitous security

2002-03-18 Thread George Michaelson
> But Bill, I'm trying to understand what your point is. We can't force > people to use security. IPsec is standard in most major business > operating systems (Win2K, Solaris, *BSD, etc.) and available for for > Linux. There are hardware solutions -- I have a small IPsec box with > me in M

Re: 10 years and no ubiquitous security

2002-03-18 Thread RJ Atkinson
On Saturday, March 16, 2002, at 08:01 , William Allen Simpson wrote: >> ... I didn't happen to be at that ad-hoc meeting >> in San Diego, so I wasn't influenced by it > > No, but you were at the meetings where swIPe was demonstrated -- > ACTUALLY DEMONSTRATED -- and where the the packet headers w

Re: 10 years and no ubiquitous security

2002-03-18 Thread Brian Lloyd
At 03:49 PM 3/13/2002, William Allen Simpson wrote: >10 years ago tomorrow, Brian Lloyd and I had a "rubber hose" lunch >meeting with Steve Kent, who as a member of the IAB had refused to allow >the PPP WG to publish CHAP in our RFC as an official authentication >protocol. (He had previously mand

Re: 10 years and no ubiquitous security

2002-03-18 Thread Steven M. Bellovin
In message <[EMAIL PROTECTED]>, William Allen Simpson writes: >"The Purple Streak (Hilarie Orman)" wrote: >> Mild-mannered S. Kent is in reality SuperNoSecMan. He adds >> the essential anti-replay counter to IPsec protocols and, ... >> causes people to NOT adopt them? > >Actually, of course, Ste

Re: 10 years and no ubiquitous security

2002-03-16 Thread William Allen Simpson
"The Purple Streak (Hilarie Orman)" wrote: > Mild-mannered S. Kent is in reality SuperNoSecMan. He adds > the essential anti-replay counter to IPsec protocols and, ... > causes people to NOT adopt them? Actually, of course, Steve Kent did not add the counter. It was in swIPe, from the beginni

Re: 10 years and no ubiquitous security

2002-03-16 Thread William Allen Simpson
RJ Atkinson wrote: > > On Wednesday, March 13, 2002, at 06:49 , William Allen Simpson wrote: > > 10 years ago on Tuesday, Phil Karn sprawled out across my hotel > > room bed and drew the packet header that became ESP. > > Actually, that packet header wasn't directly related to ESP, > though ther

Re: 10 years and no ubiquitous security

2002-03-16 Thread The Purple Streak (Hilarie Orman)
The IETF falls into comicbook mode as April 1 approaches. Mild-mannered S. Kent is in reality SuperNoSecMan. He adds the essential anti-replay counter to IPsec protocols and, ... causes people to NOT adopt them? He is a superb document editor and reviewer, and this makes security worse? He has

Re: 10 years and no ubiquitous security

2002-03-14 Thread RJ Atkinson
On Wednesday, March 13, 2002, at 06:49 , William Allen Simpson wrote: > 10 years ago on Tuesday, Phil Karn sprawled out across my hotel > room bed and drew the packet header that became ESP. Actually, that packet header wasn't directly related to ESP, though there aren't but so many ways a secur