Overly simplified vanity crypto protocols with no key management are much less secure then complex cryptonsystens #cutsbothwayshttps://twitter.com/RichFelker/status/875699196455727104 …
I consider ipsec more complex than TLS, because of bad interface boundary/layering.
-
-
Funny, I consider IPsec less complex than TLS because of the clear separation of command and data channels
-
I think that's because you're one of, like, 6 people who actually understand IPsec. /
@RichFelker -
honoured you say so but there are many more. And IKEv1 learned from SSL, and TLS 1.3 learned from IKEv2.
#openness -
just having some fun (and fully concur). FTR, I borrowed
@matthew_d_green's maxim: “Nobody actually understands IPsec” -
it's a bad myth though and why we see things like wireguard getting into the kernel

-
s/maxim/quip.
I know nothing about WG. In the commercial VPN IPsec space, things are… not good. -
telco's build the weirdest networks out of any blocks :)
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.