On 14 Aug 1999, Derek Atkins wrote:
> Routers and Firewalls are not IPSec endpoints...

Firewalls can easily be IPSEC endpoints, if they double as security
gateways, which is likely to be common.  (Making your firewall speak
IPSEC is considerably easier than making all the equipment behind it
do likewise.)

It is admittedly unlikely for a router to be an IPSEC endpoint except
for an administrative channel... unless it is doubling as a security
gateway, which is possible.

> and also they are not running in Intel hardware with a Linux OS...

Speak for yourself.  Mine are.  I think you'd be surprised at how common
this has become, in applications which are not severely pressed for
performance.  The sort of PC that people are discarding, in favor of
faster and more modern ones, can route/firewall/security-gateway a T1
quite well.  Anything much faster than that probably does need custom
hardware... this year.

Some of the people who've talked to us about various aspects of Linux
FreeS/WAN have had very interesting large-volume applications in mind.
Open source, strong security, and cheap Intel hardware are a pretty
versatile combination.

> ...However, there are always
> multiple network interfaces in a SG (at least one 'inside' and one
> 'outside' the secure network), so you have the timings of network
> packets on each network, as well as the timing of packets between the
> networks.

There is considerable debate about whether packet timings are a good
source for entropy, since they are at least potentially observable by
outsiders.

> And, again, this is probably not running Linux.

Again, speak for yourself.  Linux use in that area is growing quickly.

> Seriously, how many 'inexpensive specialized devices' are going to
> need strong security?

Almost all of them, before too very long.  Try making a list of network
devices which definitely *do not* need strong security; it's short.

> Also, a router is certainly not 'inexpensive'...

If you're trying to route multiple T3s, true.  Otherwise, again, you're
behind the times -- routing no longer requires massive horsepower.  (Of
course, you can still pay a bundle for it if you really insist.)

> ...Besides, why not just add a
> hardware RNG?  The pieces aren't very expensive, the parts don't
> really wear out, and then you always have a strong source of random
> numbers.

It's an option, but not always the most attractive one.  Being able to
do without would be useful.

                                                          Henry Spencer
                                                       [EMAIL PROTECTED]
                                                     ([EMAIL PROTECTED])
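
Added example, not part of the message above and not code from Linux FreeS/WAN or the kernel: a toy entropy pool fed with packet-arrival timestamps, of the kind a Linux security gateway without a hardware RNG would rely on. The per-sample credit estimator is modelled on the heuristic the Linux kernel's add_timer_randomness() used in that era (smallest of the first-, second- and third-order arrival-time differences, roughly log2 of it, capped at 11 bits); the SHA-256 mixing, the 256-bit pool capacity, the three-sample warm-up and the two arrival-time sequences are this example's own assumptions and constructed data.

```python
"""Toy timing-entropy pool (added example, not FreeS/WAN or kernel code).

Credit estimator modelled on the Linux kernel's add_timer_randomness()
heuristic of the period; the SHA-256 mixing, pool size and warm-up are
assumptions made for this example.
"""
import hashlib
import struct

MAX_CREDIT_BITS = 11     # per-sample cap used by the kernel heuristic
POOL_BITS = 256          # assumed pool capacity: one SHA-256 state

# Constructed sample data (integer clock ticks), not captured traffic.
KEEPALIVES = [1000 * i for i in range(1, 9)]                 # one packet every 1000 ticks
JITTERY = [1000, 2300, 2900, 4700, 5100, 7400, 7900, 9800]   # irregular arrivals


class TimingEntropyPool:
    def __init__(self):
        self.state = bytes(32)       # mixing state, starts all-zero
        self.entropy_bits = 0        # how much unpredictability we *believe* is pooled
        self.samples = 0
        self.last_time = 0
        self.last_delta = 0
        self.last_delta2 = 0

    def _credit(self, t):
        """Estimate bits of unpredictability in one timestamp sample."""
        delta = t - self.last_time
        self.last_time = t
        delta2 = delta - self.last_delta
        self.last_delta = delta
        delta3 = delta2 - self.last_delta2
        self.last_delta2 = delta2
        m = min(abs(delta), abs(delta2), abs(delta3))
        m >>= 1                      # round down by a bit on general principles
        m &= (1 << 12) - 1           # never look at more than 12 bits of it
        return min(m.bit_length(), MAX_CREDIT_BITS)

    def add_sample(self, t):
        """Mix one timestamp into the pool; return the bits credited for it."""
        credit = self._credit(t)
        self.samples += 1
        if self.samples <= 3:        # assumption: no credit until the deltas mean something
            credit = 0
        # Always mix, even at zero credit: a predictable sample cannot hurt the pool.
        self.state = hashlib.sha256(self.state + struct.pack(">q", t)).digest()
        self.entropy_bits = min(POOL_BITS, self.entropy_bits + credit)
        return credit

    def available_bytes(self):
        """Whole bytes the pool believes it can hand out without overdrawing."""
        return self.entropy_bits // 8

    def extract(self, nbytes=32):
        """Return output bytes and debit the pool; refuse to overdraw."""
        if nbytes > 32 or self.entropy_bits < 8 * nbytes:
            raise ValueError("not enough credited entropy for %d bytes" % nbytes)
        out = hashlib.sha256(b"out" + self.state).digest()[:nbytes]
        self.state = hashlib.sha256(b"next" + self.state).digest()   # forward secrecy step
        self.entropy_bits -= 8 * nbytes
        return out


def credit_for_stream(timestamps):
    """Feed a whole arrival-time sequence; return (total credit, per-sample credits)."""
    pool = TimingEntropyPool()
    credits = [pool.add_sample(t) for t in timestamps]
    return sum(credits), credits


if __name__ == "__main__":
    for name, stream in (("keepalives", KEEPALIVES), ("jittery", JITTERY)):
        total, per_sample = credit_for_stream(stream)
        print("%-10s credited %2d bits  %s" % (name, total, per_sample))
```

Two things the run makes visible. A stream with constant interarrival times (the keepalive case) earns zero credit because its second-order difference is zero, whichever clock resolution the gateway uses. And the estimator only measures irregularity as the gateway sees it; it says nothing about whether a wiretap watching the same wire could reproduce the samples, which is the objection to packet timings as an entropy source raised in the message above. Note also how generous the heuristic is: a handful of irregular arrivals is credited 46 bits, so a real design would scale such credits down.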