POV-Ray: Newsgroups: povray.off-topic: Fun with cryptography: Re: Fun with cryptography

POV-Ray : Newsgroups : povray.off-topic : Fun with cryptography : Re: Fun with cryptography		Server Time 7 Sep 2024 21:15:21 EDT (-0400)

From: Darren New
Date: 4 Jul 2008 12:10:58
Message: <486e4b92@news.povray.org>

Invisible wrote:
> As does the fact that SSL and TLS both run over TCP, yet OpenVPN seems 
> to be using UPD. That looks like a big enough deviation from the 
> standard that I'm left wondering how many design decisions have been 
> made with potential security implications.

Yes, exactly. That, and all the other things you might want to do (like 
be behind a NAT) that OpenVPN doesn't handle.

Note that SSL and TLS are both technologically the same thing. The 
difference is in provisioning. That is, it's SSL if you start the 
protocol dance as soon as you open the port (because you're talking on 
port 443 instead of port 80, for example). It's TLS if you open the 
connection, do some negotiation, *then* start encrypting, such as with 
BEEP or Secure SMTP or anything else that has a "STARTTLS" command.

-- 
Darren New / San Diego, CA, USA (PST)
  Helpful housekeeping hints:
   Check your feather pillows for holes
    before putting them in the washing machine.

Post a reply to this message