[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AS#2 Transport Protocol/Security
I guess I am having problems following this thread. I need a quick
tutorial. Carl, Javed, and Dave what is the difference in PPTP and VPN?
Can we have a quick list of what each does and does not do? I don't think
most of us on the list are up to speed on these two.
__This is the key issues of how to tie the web sites together and exchange
A quick comparison showing the similarities and differences on each.
How does that sound?
At 8:45 AM 9/13/96, Dave Darnell wrote:
>At 06:10 PM 9/11/96 GMT, Carl Hage wrote:
>>I think SSL is a suitable choice, but PPTP or any VPN protocol is not
>>suitable for EDI TP-TP boundaries. PPTP is designed for WANs, etc. which
>>allow *all* kinds of packet data, including hacking. This is really
>>designed to provide a bridge between two remote LANs. You don't want
>>to bridge the LANs of two TPs.
>I agree with Javed, that PPTP, or maybe something closer to the IPSec spec
>(or S/WAN from RSA) the IETF is working on, would be excellent choice to
>establish a "VIRTUAL NETWORK of Trading Partners". SSL could be used within
>the VPN for added security of specific transactions.
>With a VPN and IPSec we will have the capability to establish secure
>networks within networks - it will enable "GLOBAL INTRAnetworking of
>Trading Partners". The ability to link desktops globally across company and
>country boundaries is a powerful concept!!
>Sure you will have "hackers" in the VPN (employees of the trading partners)
>just like you have hackers within the corporate firewalled INTRANET. This
>will never change. Also, just like you have Network security specialists
>within corporations, the VPN will probably demand the same kind of
>infrastructure as it grows.
>VPN/IPSec further enables the trend toward the "VIRTUAL WORKPLACE" or the
>"VIRTUAL CORPORATION". Any technology that contributes here will be of
>extreme importance and interest to many enterprises all over the world.
>I hope others are as interested in this as I am. I think that VPN's (using
>IPSec) will add tremendous momentum to EC/EDI over the Internet.
>For more info look into these URL's:
>The Microsoft sponsored ietf-draft is at:
>RSA is sponsoring an interoperability test of IPSec and their own "S/WAN"
>concept - see:
>VPN's are not new, but the IPSec standards that make product
>interoperability possible is!
>THese standards are of great importance! Check out the IPSec charter and URL
>The applicable RFC's are:
> Security Architecture for the Internet Protocol (RFC 1825) (56772 bytes)
> IP Authentication Header (RFC 1826) (30475 bytes)
> IP Encapsulating Security Payload (ESP) (RFC 1827) (30278 bytes)
> The ESP DES-CBC Transform (RFC 1829) (19291 bytes)
> IP Authentication using Keyed MD5 (RFC 1828) (9800 bytes)
>You can hotlink to these from the charter web page.
>PLEASE! Lets study this more before ruling out the VPN and IPSec as a viable
>EC/EDI over the Internet alternative!
>| David Darnell
>| SysTrends, Inc.
>| Arizona EC/EDI Roundtable
>| 1850 East Carver Road
>| Tempe, AZ 85284-2510 USA
>| Tel (602)838-5316
>| Fax (602)897-8032
| Rik Drummond - The Drummond Group |
| 5008 Brentwood Ct., Ft. Worth, TX 76132 USA |
| Voice: 817 294 7339 Fax: 817 294 7950 |