Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

1DES (was Re: [Design] IPSec in 2.5 Kernel?)

From: Henry Spencer <henry(at)spsystems.net>
Date: Wed Mar 19 2003 - 11:40:48 EST

On Wed, 19 Mar 2003, Paul Wouters wrote:
> Perhaps it is time to give people the tools to cut themselves. There
> will always be 1DES patches out there. Perhaps it is better to warn
> loudly and support it, then to drive people away.

John was always pretty adamant about this, and I doubt he's changed his mind since I left the project: 1DES offers no real security any more, and offering fake security, even as an option, is a major sin. Why not offer rot13 as a cipher as well?

I must say that even though I opposed him on this originally, I've come to largely agree with him. Dumping 1DES didn't cause a tenth of the trouble that I'd expected.

                                                          Henry Spencer
                                                       henry@spsystems.net

_______________________________________________

Design mailing list
Design@lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/design Received on Wed Mar 19 13:33:24 2003

This message: [ Message body ]
Next message: John S. Denker: "Re: [Design] IPSec in 2.5 Kernel?"
Previous message: Paul Wouters: "Re: [Design] IPSec in 2.5 Kernel?"
In reply to: Paul Wouters: "Re: [Design] IPSec in 2.5 Kernel?"
Next in thread: Derek Atkins: "Re: [Design] IPSec in 2.5 Kernel?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:59:57 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library