Firewall Wizards mailing list archives
Re: IPsec and firewalls
From: carson () tla org
Date: Sat, 7 Feb 1998 20:25:28 -0500 (EST)
"Aleph" == Aleph One <aleph1 () dfw dfw net> writes:
Aleph> Not necessarily. The typical example is that of users using a pseudonym. I Aleph> may accept a key from them on our initial contact without verifying it Aleph> with a trusted third party (as it is a pseudonym and there is not one to Aleph> trust) yet every time after that I have their key and verify I was talking Aleph> to the same person I was taking the first time. In any case I will not Aleph> always want to authenticate. I may just want to encrypt the session and a Aleph> simple key exchange is all that is needed. No need to verify anything with Aleph> a third party. True. Of course, this doesn't scale beyond one-to-one, unless you put this anonymous association with a trusted 3rd party. :) I, personally, find the applicability of one-to-one associations to be vanishingly small. Even fairly trivial applications (say, personal profile data for something), frequently require that more than one machine be used for performance or reliability purposes. I can see some potential uses with e-mail keys and the like, but those really need to be distributed these days as well. -- Carson Gaspar -- carson () cs columbia edu carson () tla org carson () cugc org http://www.cs.columbia.edu/~carson/home.html Queen Trapped in a Butch Body
Current thread:
- encapsulated protocols? Mark Horn [ Net Ops ] (Feb 03)
- Re: encapsulated protocols? Adam Shostack (Feb 04)
- Re: encapsulated protocols? Aleph One (Feb 06)
- Re: encapsulated protocols? Adam Shostack (Feb 06)
- Re: encapsulated protocols? Mark Horn [ Net Ops ] (Feb 06)
- Re: encapsulated protocols? Adam Shostack (Feb 07)
- IPsec and firewalls Aleph One (Feb 07)
- Re: IPsec and firewalls carson (Feb 09)
- Re: IPsec and firewalls Aleph One (Feb 09)
- Re: IPsec and firewalls carson (Feb 09)
- Re: IPsec and firewalls Adam Shostack (Feb 09)
- Re: IPsec and firewalls carson (Feb 09)
- Re: encapsulated protocols? Aleph One (Feb 06)
- Re: encapsulated protocols? Adam Shostack (Feb 04)
- Effect of full disk on logging under FW-1 v 2.1? Bret Watson (Feb 09)
- Re: IPsec and firewalls Ted Doty (Feb 09)
- Re: encapsulated protocols? Aleph One (Feb 07)
- Re: encapsulated protocols? Adam Shostack (Feb 07)
- Re: encapsulated protocols? Larry J. Hughes Jr. (Feb 09)
- <Possible follow-ups>
- Re: encapsulated protocols? Rick_Giering_at_mpg003 (Feb 06)
- Re: encapsulated protocols? Jeromie Jackson (Feb 07)