At Mon, 24 Mar 2008 15:17:56 +0100,
Iljitsch van Beijnum wrote:
On 19 mrt 2008, at 1:46, Eric Rescorla wrote:
A more interesting experiment would be to do away with SSL for a bit
and use IPsec instead.
Why would this be either interesting or desirable?
SSL is vulnerable to more attacks than IPsec and IPsec is more general
than SSL. As such it would be good if we could have IPsec deployment
similar to SSL deployment, similar to how it would be good to have
IPv6 rather than IPv4 deployment, so a similar experiment could be
useful in showing what if any the reasons are we're still stuck with
the inferior SSL/TLS technology.
One of the true joys of the IETF is watching people explain why
their favorite technology is superior to the technology people
have actually chosen to use.
Both IPsec and SSL have applications where they are the appropriate
choice. I don't think there's a lot of point in going into them in
detail. But given that the attacks you're mentioning are frankly
irrelevant in 99.9% of cases (btw, I know what TCP spoofing is, but
it's not relevant for TLS, because the application should be looking
at the cryptographic identity, not the transport layer identity), the
notion that we should tear out most of the application layer security
infrastructure to accomodate your notions of architetural
appropriateness strikes me as extremely dubious.
IETF mailing list