Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-12 Thread Perry E. Metzger
[Moderator's note: Forwarded anonymously at the sender's request, so if you reply to this, please cut my name out of it, it isn't my message --Perry] -- Perry, please forward anonymously. On Friday, Oct 10, 2003, at 22:48

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-11 Thread Ben Laurie
Peter Clay wrote: On Thu, 9 Oct 2003, Peter Gutmann wrote: I would add to this the observation that rather than writing yet another SSL library to join the eight hundred or so already out there, it might be more useful to create a user-friendly management interface to IPsec implementations

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Peter Clay
On Thu, 9 Oct 2003, Peter Gutmann wrote: I would add to this the observation that rather than writing yet another SSL library to join the eight hundred or so already out there, it might be more useful to create a user-friendly management interface to IPsec implementations to join the zero or

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Peter Gutmann
Peter Clay [EMAIL PROTECTED] writes: If you want a VPN that road warriors can use, you have to do it with IP-over- TCP. Nothing else survives NAT and agressive firewalling, not even Microsoft PPTP. IP-over-TCP has some potential performance problems, see

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Perry E. Metzger
Peter Clay [EMAIL PROTECTED] writes: Having spent much of the past few weeks trying to sort out a workable VPN solution, I think this is a good but doomed idea. http://vpn.ebootis.de/ has the best free windows IPsec configuration tool I've found, but that doesn't help. Why? Because IPsec

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Ng Pheng Siong
On Thu, Oct 09, 2003 at 01:56:47AM +1300, Peter Gutmann wrote: I would add to this the observation that rather than writing yet another SSL library to join the eight hundred or so already out there, it might be more useful to create a user-friendly management interface to IPsec implementations

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-09 Thread Ben Laurie
Jill Ramonsky wrote: Too late. I've already started. Besides which, posts on this group suggest that there is a demand for such a toolkit. I think there's demand in the sense that there's demand for free lunches. People would like the inherent complexity to go away, because they can see that

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Arcane Jill
PROTECTED]; [EMAIL PROTECTED] Subject: Re: Open Source (was Simple SSL/TLS - Some Questions) I think that rather than spending time on deciding what to call this library that is to-be-written, and how to license this library that is to-be-written, that time should be spent on, well, writing

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Peter Gutmann
Rich Salz [EMAIL PROTECTED] writes: I think that rather than spending time on deciding what to call this library that is to-be-written, and how to license this library that is to-be-written, that time should be spent on, well, writing it. :) I would add to this the observation that rather than

RE: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-08 Thread Jill Ramonsky
: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 08, 2003 1:57 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: Open Source (was Simple SSL/TLS - Some Questions) Rich Salz [EMAIL PROTECTED] writes: I would add

Re: Open Source (was Simple SSL/TLS - Some Questions)

2003-10-07 Thread Rich Salz
I took the initial view that closed source and trustable crypto are mutually incompatible Of course this isn't true. When is the last time you built your own ATM or credit-card POS terminal? Claims such as Download this app and you will be secure should definitely need to be proven, and