Tinc's response to "Linux's answer to MS-PPTP"

Ian Grigg iang at systemics.com
Sun Sep 28 14:52:48 EDT 2003


M Taylor wrote:

> Oh, and they fixed their flaws. SSHv1 is not recommended for use at all,
> and most systems use SSHv2 now which is based upon a draft IETF standard.
> SSL went through SSLv1, SSLv2, SSLv3, TLSv1.0, and TLSv1.1 is a draft IETF
> standard.


It is curious, is it not, that there has been no well
written protocol that became successful on its first
attempt?  And, contrariwise, all successful systems
started out with crypto that slept shamefully with
ROT13.


> If Guus Sliepen and Ivo Timmermans are willing to seriously rethink their
> high tolerance for unnecessary weakness, I think tinc 2.0 could end up being
> a secure piece of software. I hope Guus and Ivo circulate their version 2.0
> protocol before they do any coding, so that any remaining flaws can be easily
> fixed in the paper design without changing a single line of code, saving time
> and effort.


This is the best thing written so far.  Even if Guus
and Ivo were not to distribute their designs for 2.0,
I would salute their efforts so far.

It is clear that they have users.  Hoorah! I say.  It
is clear that they have successfully enabled millions
of VPN connections.  There art we happy!  It is fair
to say that through their efforts, many hundreds or
thousands of Linux boxen have escaped becoming part
of the lamented and hacked 43,000.  A pack of blessings
light upon the backs of cryptographers!

The notion that Guus and Ivo have done anything in the
slightest sense, wrong, is mysterious to me.  It defies
explanation.  They built a product.  They protected users.

Now, later on, after *proving* the product meets the
needs of the market place, is the time to clean up the
stopgap home-brewed crypto.  It's not the most urgent
thing.  Only if the product is under sustained and
unavoidable attack by the bad guys - like HTTPS - is
it urgent to get in there and fix the security.

And from the absence of any commentary on actual attacks,
there seems all the time in Mantua to prepare a killer 2.0
crypto layer.

Or am I missing something?

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com


