User interface, security, and "simplicity"

Jack Lloyd lloyd at
Tue May 6 13:53:49 EDT 2008

On Tue, May 06, 2008 at 03:40:46PM +0000, Steven M. Bellovin wrote:

> In particular, with TLS the session key can be negotiated between
> two user contexts; with IPsec/IKE, it's negotiated between a user
> and a system.  (Yes, I'm oversimplifying here.)

Is there any reason (in principle) that IPsec/IKE could not be done
entirely in userspace / application space, though?


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list