Re: VPN Client Security



On Sat, 30 Aug 2008 03:38:01 -0700, Dan wrote:

Why not require all keys to be updated more frequently and if the
corresponding key is lost then the user has no access === period?

What in the world are you talking about? This makes no sense.

I ran into
an expired key recently at boards.live.microsoft.com and wondered to myself
why Microsoft had not updated the key. I emailed Microsoft and got the
response --- oh, that is a msn problem so you need to contact them -- contact
them -- nope it is not our problem and you need to contact Microsoft --- this
shifting of responsibility is stupid because no one wants to own up and be a
man or woman and say this is a problem that needs to be remedied and I if
they do indeed have the skills then let them say that I have the skills so I
can take action with the proper approval and fix the problem and then it is
no longer a problem

You can't even distinguish between a pre-shared key and certificate and you
expect anyone to take you seriously when it comes to your whacked out views
on what constitutes computer security? Man, I feel sorry for whomever is
employing you if your job involves anything at all to do with computer
security.

--
Paul Adare
MVP - Identity Lifecycle Manager
http://www.identit.ca
A computer program does what you tell it to do, not what you want it to do.
.