Re: [btns] Suggestion for Better-Than-Nothing Security (btns)

Stephen Kent <kent@bbn.com> Tue, 09 June 2009 13:00 UTC

Return-Path: <kent@bbn.com>
X-Original-To: btns@core3.amsl.com
Delivered-To: btns@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3D4CA3A6C8A for <btns@core3.amsl.com>; Tue, 9 Jun 2009 06:00:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.598
X-Spam-Level:
X-Spam-Status: No, score=-2.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UUucU5kCnQ0M for <btns@core3.amsl.com>; Tue, 9 Jun 2009 06:00:08 -0700 (PDT)
Received: from mx3.bbn.com (mx3.bbn.com [128.33.1.81]) by core3.amsl.com (Postfix) with ESMTP id AD5F43A6B2F for <btns@ietf.org>; Tue, 9 Jun 2009 06:00:08 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15] helo=[10.10.10.117]) by mx3.bbn.com with esmtp (Exim 4.63) (envelope-from <kent@bbn.com>) id 1ME0vz-0003Mm-B8; Tue, 09 Jun 2009 09:00:13 -0400
Mime-Version: 1.0
Message-Id: <p06240813c6540b323700@[10.10.10.117]>
In-Reply-To: <20090528050712.D0C5D1CE833@ws1-6.us4.outblaze.com>
References: <20090528050712.D0C5D1CE833@ws1-6.us4.outblaze.com>
X-Priority: 1 (Highest)
Date: Tue, 9 Jun 2009 08:53:36 -0400
To: "tim robertson" <tim987@email.com>
From: Stephen Kent <kent@bbn.com>
Content-Type: multipart/alternative; boundary="============_-967570084==_ma============"
Cc: btns@ietf.org
Subject: Re: [btns] Suggestion for Better-Than-Nothing Security (btns)
X-BeenThere: btns@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Better-Than-Nothing-Security Working Group discussion list <btns.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/btns>, <mailto:btns-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/btns>
List-Post: <mailto:btns@ietf.org>
List-Help: <mailto:btns-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/btns>, <mailto:btns-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2009 13:00:10 -0000

At 12:07 AM -0500 5/28/09, tim robertson wrote:
>Hi, I have a suggestion for Better-Than-Nothing Security (btns). 
>IPSEC should integrate some more encryption features like Obfuscated 
>TCP(code.google.com/p/obstcp/) and you should work with 
>Microsoft/Linux to get them to release a high priority windowsupdate 
>for all windows xp/vista/server operating systems so everyone can 
>install it. Same thing for Linux too. Then IPSEC should be enabled 
>by default for Windows xp/vista/server and Linux.
>
>Can you pass on my suggestion?
>Thanks
>
>--
>Be Yourself @ mail.com!
>Choose From 200+ Email Addresses
>Get a Free Account at <http://www.mail.com/Product.aspx>www.mail.com!
>
>

IPsec is IPsec. It is not a package of software libraries like Open 
SSL.  So, it makes no sense to suggest adding Obfuscated TCP to IPsec.

IPsec has been available in Windows, Linux, and Mac OS X for several years.

Because IPsec (not the BTNS variant) requires access controls and an 
authentication capability, it is not generally feasible to speak of 
it being enabled by default.

Steve