On Thu, 16 Aug 2001, Jeff King wrote: > This is *exactly* what SSH does, and it is already written and > well-tested code. you would think so. the number of flaws in the code, and the protocol (at least SSH1), would suggest that there should be investigated other solutions first. note i'm not a fan of usig a TCP transport mechanism, even with crypto behind it, a syour VPN. i'm a bigger fan of generic encapsulation protocols based on routing (or policy routing) protocols. you have to graft too much on to the system (ie points of failure) to shove things into TCP/SSH pipes (or TCP/SSL pipes). ____________________________ jose nazario joseat_private PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80 PGP key ID 0xFD37F4E5 (pgp.mit.edu) --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Fri Aug 17 2001 - 08:46:51 PDT