[ECOS] IPsec and openSSL packages

Armando VISCONTI armando.visconti@st.com
Thu Nov 11 14:40:00 GMT 2004

Andrew Lunn wrote:

>On Thu, Nov 11, 2004 at 03:11:22PM +0100, Armando VISCONTI wrote:
>>Thx Andrew,
>>But, what happens if I use OpenSSL and not IPsec?
>>I mean, what am I missing in term of security?
>They work are different layers. An application use OpenSSL to securely
>transfer data from one application to another application. IPsec
>secures all IP packets from one host to another host. 
>If you use OpenSSL and not IPsec, anything that is not transfered
>inside an OpenSSL session goes in plain text. 
>        Andrew
ok, got it!
 From this point of view IPsec looks better than OpenSSL.
But can we say that OpenSSL from other point of views is
better than IPsec? For example because IP proxies in the
middle of a chain don't see IP packets in clear? I guess this
is the way IPsec works ...


Armando Visconti                  Mobile: (+39) 340 9239426
Senior SW Engineer                Fax:    (+39) 02 93519702
                                  Work:   (+39) 02 93519683
Printer & System Division         e-mail: armando.visconti@st.com
ST Microelectronics               TINA:   051  4683


Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss

More information about the Ecos-discuss mailing list