2.6 kernel patches

Lamont R. Peterson lamont at gurulabs.com
Mon Dec 22 18:48:29 UTC 2003


On Sun, 2003-12-21 at 17:07, Benny Amorsen wrote:
> Please kill off CIPE for good. It is insecure. If you absolutely /must/
> include a protocol with such limitations, at least pick OpenVPN. I say
> that as a current user of CIPE who is in the process of switching.

Yes...please, drop CIPE.  It is quite insecure.

BTW:  Though I have not fully reviewed the research, I have read a fair
amount of materiel describing the problems with CIPE.  In a nutshell,
the bulk of the insecurity stems from protocol problems.

Anyway, if anyone cares, I could find the items that I read (it was
months ago).
-- 
Lamont Peterson <lamont at gurulabs.com>
Senior Instructor
Guru Labs <http://www.gurulabs.com/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20031222/b7c02916/attachment.sig>


More information about the fedora-devel-list mailing list