[Info-vax] Still no IPSEC for TCP/IP services?

[David Froble]

Richard Maher wrote:
> "David Froble" <davef at tsoft-inc.com> wrote in message 
> news:jpht9p$o3$1 at dont-email.me...
>> Doug Phillips wrote:
>>> On May 22, 1:11 pm, Dirk Munk <m... at home.nl> wrote:
>>>> Doug Phillips wrote:
>>>>> On May 22, 2:23 am, Dirk Munk<m... at home.nl>  wrote:
>>>>>> Steven Underwood wrote:
>>>>>>> "Dirk Munk" wrote in message
>>>>>>> news:4797c$4fbac358$5ed43999$22551 at cache60.multikabel.net...
>>>>>>>> I'm planning to set up a couple of new OpenVMS systems, and I was
>>>>>>>> thinking of using IPSEC as well. I was amazed to find that IPSEC is
>>>>>>>> not included in the present version of TCP/IP services. It was
>>>>>>>> included in the Early Adopters Kit for TCP/IP services 5.7 in 2007
>>>>>>>> (!!!!), but it never made it to the final version and wasn't added
>> I would be very happy to be able to set up a secure connection, and then 
>> just perform communications without my applications having to know 
>> anything about encryption.  But the capability isn't there.
> 
> Juniper VPN any use?
> 
> Cheers Richard Maher 
> 
> 

I honestly don't know.  I'm doubting it.  I'm ASSUMING that any appliance would need any 
connections established directly from the appliance.  I could be wrong.

What I envision is having a database of pre-arranged partners and bring up and take down 
specific connections upon demand.  I'm not aware of anything secure that can be set up 
without prior cooperation from the remote end, but maybe I don't get out much.

As a client I'd expect that required connections would be known.

As a service I'd expect that new and previously unknown connection requests would be normal.

Since most of the data is lawn mower parts, we're rather comfortable with unencrypted 
socket connections.  But when a credit card number is part of the data, things get rather 
ugly.

I still haven't found a solution that I like.