Re: traffic encryption

From: Roman Mashak (mrv_at_tusur.ru)
Date: 08/09/05


Date: Tue, 9 Aug 2005 17:46:15 +0900

Hello, Colin!
You wrote on Fri, 05 Aug 2005 13:14:15 +0100:

 CM> And that is different from managing shared keys among thousands of
 CM> clients because.....?

 CM> (you can use the same key pair on different machines)
As far as I understood, the good practise is changing the keys pairs on a
frequent basis. Is that right?
 ??>> Is it necessary to handle keys/certificates in case
 ??>> with IPSec also?

 CM> Yes. AFAIAA, FreeSwan is the only IPSEC implementation to use SSL.

With best regards, Roman Mashak. E-mail: mrv@tusur.ru