[Info-vax] Rethinking DECNET ?
David Froble
davef at tsoft-inc.com
Mon Sep 1 15:05:59 EDT 2014
Dirk Munk wrote:
> David Froble wrote:
>> Simon Clubley wrote:
>>> On 2014-08-31, VAXman- @SendSpamHere.ORG <VAXman- at SendSpamHere.ORG>
>>> wrote:
>>>> In article <ltscu4$1le$2 at dont-email.me>, Simon Clubley
>>>> <clubley at remove_me.eisner.decus.org-Earth.UFP> writes:
>>>>> On 2014-08-30, JF Mezei <jfmezei.spamnot at vaxination.ca> wrote:
>>>>>> DECNET offers some neat stuff and security.
>>>>>>
>>>>> DECnet most certainly does _not_ offer security - it's an unencrypted
>>>>> data stream.
>>>> Just like TCP/IP.
>>>>
>>>
>>> DECnet is a whole range of protocols just like TCP/IP is and while
>>> the basic TCP and IP layers do not have encryption built in, there
>>> are other layers, within the protocol stack, which do give you that
>>> capability. You can even choose per-site or per-session encryption
>>> as you wish.
>>>
>>> DECnet has no such equivalent to those protocol layers.
>>>
>>> Simon.
>>>
>>
>> I would suggest that SSL is not part of TCP/IP. Of course people can
>> choose to group things as they wish. But, Brian is correct, TCP/IP does
>> not have encryption, except as layered on top of TCP/IP, and I'll argue
>> that it's a separate product.
>
> TCPIP does have encryption, IPsec. It encrypts >>all<< IP traffic. It is
> not part of the original IP setup, but if your IP stack has it, you can
> have total encryption.
And there-in lies the problem. HP's TCP/IP on VMS does not support
IPsec. Remember, this is c.o.v ....
PErsonally, I think IPsec is great. I haven't paid much attention to
any security flaws, since as a VMS user, it would not matter to me.
More information about the Info-vax
mailing list