--Jauder
On Wed, 7 Aug 1996, Linus Torvalds wrote:
>
>
> On Tue, 6 Aug 1996, Jauder Ho wrote:
> >
> > has anyone looked/implemented this? the url is
> >
> > http://www.cisco.com/public/library/isakmp/ipsec.html
>
> I'd just like people to look into ssh before getting all that excited about
> secure IP. Quite frankly, doing cryptography in the IP layer sucks raw eggs,
> and anybody who thinks it's a good idea has probably not really thought it
> through.
>
> Most "secure IP" packages seem to think that having a per-host key is a good
> idea. In fact the whole idea sucks: you need to be the host maintainer to
> change the keys etc. That means that the user is at the mercy of the
> maintainer, who may be overworked, uncaring about the users needs, or simply
> stupid. You can't really protect against a actively _evil_ root, but ipsec
> doesn't even protect against a _uncaring_ root..
>
> With "ssh", you get something that works today, is secure and usable, and can
> be installed easily on the system with minimal need for maintenance, so you
> don't need to worry overmuch about maintaining it. It ports to just about any
> UNIX, and because it's connection-oriented you can use it or not use it as
> you see fit.
>
> Note: if somebody thinks ipsec is useful and implements it cleanly for Linux,
> I'd be more than happy to add it to the kernel despite the above text. I
> don't think ipsec is _evil_, I just don't think it's the right way to do
> security on the internet.
>
> Linus
>