ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

TLS vs. IPsec (Was: Re: experiments in the ietf week)

2008-03-24 11:00:00
from [Jari Arkko] [Permanent Link] 
Phillip, Iljitsch,
 

If you beleive that there is an attack that SSL is vulnerable to you
should bring it up in TLS.


I think Iljitsch meant that TLS cannot protect against TCP
vulnerabilities, such as spoofed connection resets. This is obviously
well known.

The upside of TLS has of course been that its been extremely easy to
deploy. That's the experiment the planet has been running for the last
decade, and I think the results speak for themselves ;-)

Now, if we had a proposal that turned IPsec into as easily deployable
between random clients and known servers as TLS, I would be interested
in a new experiment! But I did not see a proposal for that yet. Maybe
time for that draft that Phillip suggested in another thread, Iljitsch?

Jari

_______________________________________________
IETF mailing list
IETF(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Write an RFC Was: experiments in the ietf week, Hallam-Baker, Phillip
Next by Date:  Re: Write an RFC Was: experiments in the ietf week, Jari Arkko
Previous by Thread:  RE: experiments in the ietf week, Hallam-Baker, Phillip
Next by Thread:  Re: TLS vs. IPsec (Was: Re: experiments in the ietf week), Iljitsch van Beijnum
Indexes:  [Date] [Thread] [Top] [All Lists]