From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: micah@stetsonnet.org, 9fans@cse.psu.edu Subject: Re: [9fans] Secure ftp Again Date: Mon, 4 Apr 2005 06:12:31 +0200 From: lucio@proxima.alt.za In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Cc: Topicbox-Message-UUID: 3273d362-ead0-11e9-9d60-3106f5b1d025 > Let's implement Transport Layer Security inside all our application > layer protocols! I can see the logic in the IESG (thanks, again, Geoff) mandating TLS as a negotiated layer _and_ I can see the nightmare it gives rise to. Properly designed, this means there is a single implementation of TLS (Russ's comments about a TLS-savvy kernel, more likely a kernel module in the brave new world after Linux) and a reality of each school implementing it slightly differently and totally incompatibly. My gut feel is that applying namespace rules (OK!) would alleviate the nightmare, just as factotum very successfully simplifies a different aspect of security. ++L