On Tue, Jan 26, 1999 at 05:28:13PM -0500, Perry E. Metzger wrote:
>
>Andrew Brown <twofsonet@graffiti.com> writes:
>> it just has the distinct stigma of having microsoft's name on it.
>> 
>> if you look at who's actually writing the internet drafts for it,
>> microsoft obviously doesn't "own" the protocol.  they just did it
>> wrong first.
>
>It actually is a horrible protocol. Running PPP over IP as a tunneling 
>protocol? The idea reeks.

okay.  i was not actually aware of the depths of their madness.  :)

i thought they were just encapsulating (optionally) encrypted ip in
the gre packets.  but the idea does not "reek".  i think it's actually
a nice idea.  but don't get me wrong...i dislike microsoft as much as
the other guy.

>There are far better protocols for handling this sort of thing. See IPSec.

you can wave ipsec around as much as you want, but i don't have it and
neither do you.  i'm waiting for it...much the same way way i'm
waiting for dnssec.  which one do you think will appear first?

>The fact that 99% of the implementations are insecure doesn't help, of 
>course.

well...there is that.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."