IETF Logo Mail Archive

Re: [saag] Algorithms/modes requested by users/customers

Paul Hoffman <paul.hoffman@vpnc.org> Tue, 19 February 2008 18:52 UTC

Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id m1JIqDI1004439 for <saag@PCH.mit.edu>; Tue, 19 Feb 2008 13:52:13 -0500
Received: from mit.edu (M24-004-BARRACUDA-1.MIT.EDU [18.7.7.111]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id m1JIq3ck024805 for <saag@mit.edu>; Tue, 19 Feb 2008 13:52:03 -0500 (EST)
Received: from balder-227.proper.com (balder-227.proper.com [192.245.12.227]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mit.edu (Spam Firewall) with ESMTP id BE9D777702A for <saag@mit.edu>; Tue, 19 Feb 2008 13:51:58 -0500 (EST)
Received: from [10.20.30.152] (dsl-63-249-108-169.cruzio.com [63.249.108.169]) (authenticated bits=0) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id m1JIpnJm092659 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <saag@mit.edu>; Tue, 19 Feb 2008 11:51:56 -0700 (MST) (envelope-from paul.hoffman@vpnc.org)
Mime-Version: 1.0
Message-Id: <p06240809c3e0d3f52b5b@[10.20.30.152]>
In-Reply-To: <FAD1CF17F2A45B43ADE04E140BA83D483C4E9D@scygexch1.cygnacom.com>
References: <8329C86009B2F24493D76B486146769A9429B7A8@USEXCHANGE.corp.extremenetworks. com> <p06240804c3de211f0592@[10.20.30.162]><p06240504c3e09559649c@[192.168.0.10 2]> <p06240804c3e0ad5d1fa4@[10.20.30.152]> <FAD1CF17F2A45B43ADE04E140BA83D483C4E93@scygexch1.cygnacom.com> <p06240806c3e0c794447c@[10.20.30.152]> <FAD1CF17F2A45B43ADE04E140BA83D483C4E9D@scygexch1.cygnacom.com>
Date: Tue, 19 Feb 2008 10:51:46 -0800
To: saag@mit.edu
From: Paul Hoffman <paul.hoffman@vpnc.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
X-Spam-Score: 0.00
X-Spam-Flag: NO
X-Scanned-By: MIMEDefang 2.42
Subject: Re: [saag] Algorithms/modes requested by users/customers
X-BeenThere: saag@mit.edu
X-Mailman-Version: 2.1.6
Precedence: list
List-Id: IETF Security Area Advisory Group <saag.mit.edu>
List-Unsubscribe: <http://mailman.mit.edu/mailman/listinfo/saag>, <mailto:saag-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/saag>
List-Post: <mailto:saag@mit.edu>
List-Help: <mailto:saag-request@mit.edu?subject=help>
List-Subscribe: <http://mailman.mit.edu/mailman/listinfo/saag>, <mailto:saag-request@mit.edu?subject=subscribe>
X-List-Received-Date: Tue, 19 Feb 2008 18:52:13 -0000

At 1:13 PM -0500 2/19/08, Santosh Chokhani wrote:
>My general observation is that vendors do not assign their engineers to
>these efforts and there is a dearth of qualified testers, resulting in
>blind leading the blind.

That is a fairly damning criticism of the process, of course.

It would not be bad if this were a voluntary logo program like VPNC 
or ICSA Labs has; when it prevents a large customer (many large 
customers, according to Ran) from buying up-to-date equipment that 
meets their security needs, it has serious implications for the 
security of the purchasers.

--Paul Hoffman, Director
--VPN Consortium

v2.23.0 | Report a Bug | By Email