> Do you have some articles about these protocols? The authoritative reference for TLS is the TLS RFC (http://www.ietf.org/rfc/rfc2246.txt). The authoritative reference for IPsec
is of course the IPsec RFC (http://www.ietf.org/rfc/rfc2401.txt). As to why they wouldn't use these as they stand, synchronized protocols often require finer control over the data block size than these offer, but modification is easy enough, and would certainly have caused fewer concerns than a roll your own. [Marcel] Thanks, and appreciated, but I haven't made myself clear. I meant: is there a page by one of the known names in the field saying something like: "if you want to do this, then you should use these protocols"? Like Peter said: they should have used TLS or YASSL for the handshake and IPSEC + ESP for the transport. Is there a place where one trying to implement a secure system could go and find out the basic components he needs? With pros and cons, preferably? [Marcel] Maybe this is too much to ask, I don't know. That's pretty much the point :) Thanks, Marcel --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]