IPSec certs vs shared secret



All,
Hopefully this isn't a completely ridiculous question, but with IPSec when
two machines negotiate a connection, they can be configured to initially use
Kerberos, Certificates, or shared key authentication (if I understand
correctly). How much more secure are certificates than shared secrets?
Wouldn't it be possible to use a Man in the Middle (MITM) attack by simply
replaying a cert the same way you would a shared secret?

-P

