On Thu, Oct 09, 2003 at 01:56:47AM +1300, Peter Gutmann wrote:
> I would add to this the observation that rather than writing yet another SSL
> library to join the eight hundred or so already out there, it might be more
> useful to create a user-friendly management interface to IPsec implementations
> to join the zero or so already out there.  The difficulty in setting up any
> IPsec tunnel is what's been motivating the creation of (often insecure) non-
> IPsec VPN software, 

Still coming back to SSL, it seems SSL VPNs are getting bigger: just got a
press release that some big firewall vendor (who has an IPsec appliance
product) has acquired some (big?) SSL VPN appliance vendor.

I believe SSL VPNs are easier than IPsec to deploy and operate for the road
warrior accessing corporate resources. This may eventually restrict IPsec's
utility to site-to-site tunneling (useful when, e.g., one wishes to run
OSPF over the tunnel), which _should_ be far easier to configure without
needing the help of some whizbang AI.

Ng Pheng Siong <[EMAIL PROTECTED]> 

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to