New encryption technology closes WLAN security loopholes
Derek Atkins
warlord at MIT.EDU
Tue Sep 25 10:53:04 EDT 2001
Heh.
I've been arguing for YEARS that classic firewalls, as they have been
used for even more years, have been a disservice to network security.
You know, the whole "hard, crunchy exterior with soft, chewy interior"
sort of thing. Instead if we had ubiquitous multi-level secure
services (using IPsec, SSL, SSH, PGP, Kerberos, etc.) it would be a
much better world.
-derek
ji at research.att.com writes:
> > Or in other words, the first requirement for perimeter security is a perimeter.
>
> In increasingly many environments, the term "perimeter" makes little sense.
> See, for example, the CCS-2000 paper on Distributed Firewalls by Sotiris
> Ioannidis et al. You can get it (among other places) from
> http://www.research.att.com/~smb/papers/ccs-df.pdf
>
> /ji
>
> (for the curious, the Ioannidis on that paper is my brother, not I).
>
>
>
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list