User interface, security, and "simplicity"
Ian G
iang at systemics.com
Sun May 4 16:28:32 EDT 2008
Perry E. Metzger wrote:
> It is obvious to anyone using modern IPSec implementations that their
> configuration files are a major source of pain. In spite of this, the
> designers don't seem to see any problem. The result has been that
> people see IPSec as unpleasant and write things like OpenVPN when the
> underlying IPSec protocol is just fine and it is the implementations
> that are unpleasant.
Kerckhoffs' 6th, providing great entertainment for the
security world, since 1883.
=====================
6. Finally, it is necessary, given the circumstances that
command its application, that the system be easy to use,
requiring neither mental strain nor the knowledge of a long
series of rules to observe.
=====================
iang
PS: Although his 6th is arguably the most important, his
others are well worth considering:
https://www.financialcryptography.com/mt/archives/000195.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list