Re: traffic encryption

From: Roman Mashak (mrv_at_tusur.ru)
Date: 08/05/05

  • Next message: Bodo Eggert: "Re: traffic encryption"
    Date: Fri, 5 Aug 2005 11:35:01 +0900
    
    

    Hello, Todd!
    You wrote on 04 Aug 2005 11:50:08 -0500:

     TH> IPSec certainly, and possible OpenSSL warrant a look, depending on
     TH> your exact requirements.
    Could you recommend me some kind of 'SSL primer' to understand better the
    concept of certificates, SSL encryption and so on. As I understand SSL is
    session level protocol, probably for out task it would be less painful,
    except the problem of managing keys.

     TH> There are flavors of IPSec that can traverse modern NAT
     TH> implementations just fine. If they didn't I wouldn't be able to work

    With best regards, Roman Mashak. E-mail: mrv@tusur.ru


  • Next message: Bodo Eggert: "Re: traffic encryption"

    Relevant Pages

    • Re: VPN protocols
      ... Go for PPTP or L2TP ... Must: IPSec or SSL ...
      (Security-Basics)
    • Re: Ace Password Sniffer : How does it work ?
      ... >> Another protocol that offers same is IPSec. ... >> authentication and secure transfer of data between server and client ... >> would be pretty hard to use SSL to secure data exchanged between ... Once you are done with the secured login, ...
      (microsoft.public.security)
    • Re: Use of SSL as a VPN
      ... Matthew Lange wrote: ... Both are about as secure for data, but IPSec gives ... But you probably have to buy the client and the management ... SSL clients come for free. ...
      (sci.crypt)
    • Re: IPSec vs. SSL/SRTP?
      ... > I would rather like to use IPSec, since I like introducing security on ... > fetching a key from SSL to use in SRTP. ... In my experience IPSec is not a problem performance-wise - the compression ... that is built-in more than compensates for the extra CPU cycles (unless ...
      (sci.crypt)
    • Re: Performance of SSL over IPSec circuits
      ... > locations use SSL software over my IPSec connections to the Host ... then out to the Credit Card Processor via Frame Relay? ... from the Crypto++ benchmarks ...
      (sci.crypt)