Re: [ECOS] IPsec and openSSL packages

[Armando VISCONTI <armando dot visconti at st dot com>]

Andrew Lunn wrote:

> On Thu, Nov 11, 2004 at 03:11:22PM +0100, Armando VISCONTI wrote:
>  
>
> > Thx Andrew,
> >
> > But, what happens if I use OpenSSL and not IPsec?
> > I mean, what am I missing in term of security?
> >    
>
> They work are different layers. An application use OpenSSL to securely
> transfer data from one application to another application. IPsec
> secures all IP packets from one host to another host. 
>
> If you use OpenSSL and not IPsec, anything that is not transfered
> inside an OpenSSL session goes in plain text. 
>
>        Andrew
>  
ok, got it!
From this point of view IPsec looks better than OpenSSL.
But can we say that OpenSSL from other point of views is
better than IPsec? For example because IP proxies in the
middle of a chain don't see IP packets in clear? I guess this
is the way IPsec works ...

regards,
Arm

--
Armando Visconti                  Mobile: (+39) 340 9239426
Senior SW Engineer                Fax:    (+39) 02 93519702
                                 Work:   (+39) 02 93519683
Printer & System Division         e-mail: armando.visconti@st.com
ST Microelectronics               TINA:   051  4683
                                   
                                   


    
       


--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss