Open Source (was Simple SSL/TLS - Some Questions)
Perry E. Metzger
perry at piermont.com
Sun Oct 12 16:57:20 EDT 2003
[Moderator's note: Forwarded anonymously at the sender's request, so
if you reply to this, please cut my name out of it, it isn't my
message --Perry]
----------------------------------------------------------------------
Perry, please forward anonymously.
On Friday, Oct 10, 2003, at 22:48 America/Chicago, David Honig wrote:
> At 12:08 AM 10/10/03 +0800, Ng Pheng Siong wrote:
>> I believe SSL VPNs are easier than IPsec to deploy
>
> For the former, you give a password or two --maybe
> reuse a POP3 that your users already have-- and all your
> users get in fairly securely, and you can verify them.
Ugh.
Taking a page from the IETF playbook, I ran dsniff as a background task
at a recent business meeting. I captured hundreds of assorted
passwords. About half were POP passwords.
----------------------------------------------------------------------
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list