[ECOS] IPsec and openSSL packages
Armando VISCONTI
armando.visconti@st.com
Thu Nov 11 14:40:00 GMT 2004
Andrew Lunn wrote:
>On Thu, Nov 11, 2004 at 03:11:22PM +0100, Armando VISCONTI wrote:
>
>
>>Thx Andrew,
>>
>>But, what happens if I use OpenSSL and not IPsec?
>>I mean, what am I missing in term of security?
>>
>>
>
>They work are different layers. An application use OpenSSL to securely
>transfer data from one application to another application. IPsec
>secures all IP packets from one host to another host.
>
>If you use OpenSSL and not IPsec, anything that is not transfered
>inside an OpenSSL session goes in plain text.
>
> Andrew
>
>
ok, got it!
From this point of view IPsec looks better than OpenSSL.
But can we say that OpenSSL from other point of views is
better than IPsec? For example because IP proxies in the
middle of a chain don't see IP packets in clear? I guess this
is the way IPsec works ...
regards,
Arm
--
Armando Visconti Mobile: (+39) 340 9239426
Senior SW Engineer Fax: (+39) 02 93519702
Work: (+39) 02 93519683
Printer & System Division e-mail: armando.visconti@st.com
ST Microelectronics TINA: 051 4683
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss
More information about the Ecos-discuss
mailing list