On Thu, Oct 09, 2003 at 01:56:47AM +1300, Peter Gutmann wrote: > I would add to this the observation that rather than writing yet another SSL > library to join the eight hundred or so already out there, it might be more > useful to create a user-friendly management interface to IPsec implementations > to join the zero or so already out there. The difficulty in setting up any > IPsec tunnel is what's been motivating the creation of (often insecure) non- > IPsec VPN software,
Still coming back to SSL, it seems SSL VPNs are getting bigger: just got a press release that some big firewall vendor (who has an IPsec appliance product) has acquired some (big?) SSL VPN appliance vendor. I believe SSL VPNs are easier than IPsec to deploy and operate for the road warrior accessing corporate resources. This may eventually restrict IPsec's utility to site-to-site tunneling (useful when, e.g., one wishes to run OSPF over the tunnel), which _should_ be far easier to configure without needing the help of some whizbang AI. -- Ng Pheng Siong <[EMAIL PROTECTED]> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]