This is the mail archive of the
ecos-discuss@sources.redhat.com
mailing list for the eCos project.
Re: IPsec and openSSL packages
Andrew Lunn wrote:
On Thu, Nov 11, 2004 at 03:11:22PM +0100, Armando VISCONTI wrote:
Thx Andrew,
But, what happens if I use OpenSSL and not IPsec?
I mean, what am I missing in term of security?
They work are different layers. An application use OpenSSL to securely
transfer data from one application to another application. IPsec
secures all IP packets from one host to another host.
If you use OpenSSL and not IPsec, anything that is not transfered
inside an OpenSSL session goes in plain text.
Andrew
ok, got it!
From this point of view IPsec looks better than OpenSSL.
But can we say that OpenSSL from other point of views is
better than IPsec? For example because IP proxies in the
middle of a chain don't see IP packets in clear? I guess this
is the way IPsec works ...
regards,
Arm
--
Armando Visconti Mobile: (+39) 340 9239426
Senior SW Engineer Fax: (+39) 02 93519702
Work: (+39) 02 93519683
Printer & System Division e-mail: armando.visconti@st.com
ST Microelectronics TINA: 051 4683
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss