Talk:IPsec: Difference between revisions
imported>Howard C. Berkowitz (Citations, Authentication Header, Article on functions rather than mechanisms) |
imported>Howard C. Berkowitz (→Style and judgments: new section) |
||
Line 12: | Line 12: | ||
==Authentication header== | ==Authentication header== | ||
In my experience, there are applications where this is used, when the only requirement is for source authentication and header integrity. Could you give some citations about it not being used?[[User:Howard C. Berkowitz|Howard C. Berkowitz]] 17:46, 15 October 2008 (UTC) | In my experience, there are applications where this is used, when the only requirement is for source authentication and header integrity. Could you give some citations about it not being used?[[User:Howard C. Berkowitz|Howard C. Berkowitz]] 17:46, 15 October 2008 (UTC) | ||
== Style and judgments == | |||
While an occasional subjective statement is not always out of place, unsourced judgment calls, or text that is argumentative, is just not encyclopedic style: | |||
<blockquote>You can use ESP for encryption with AH for authentication: This has higher overheads than using the authentication in ESP, and no obvious benefit in most cases. The exception might be a network where AH authentication was widely or universally used. If you're going to do AH to conform with network policy, why authenticate again in the ESP layer?</blockquote> | |||
It's perfectly reasonable to cite an article that asks these questions. In the absence of publications, but where the topic is, as the Patent Office puts it, "obvious to one skilled in the art", there may be justification to write a signed article. CZ isn't as compulsive as The Other Place about every word being sourced, but there is a line beyond which sourcing is needed. I think this text goes beyond that line. Might I ask it be rephrased or sourced? [[User:Howard C. Berkowitz|Howard C. Berkowitz]] 01:30, 16 October 2008 (UTC) |
Revision as of 19:30, 15 October 2008
Started article, first cut, using material from FreeS/WAN, see User_talk:Sandy_Harris/Permission. There's more from there to add, then it will need much editing. Sandy Harris 13:07, 15 October 2008 (UTC)
- If so, FreeS/WAN needs to be cited.Howard C. Berkowitz 17:46, 15 October 2008 (UTC)
Communications security/information assurance
I'd like to have one basic place where security functions, rather than enforcement mechanisms, are initially defined; there can, of course, be sub-articles. I started one called communications security, although I don't especially like the title. Information security or Information assurance might be alternatives, although I want to be sure the title encompasses:
- Features that would be in a computer, not just the communications channel
- Features that tend to be relevant just to the channel, such as frequency agility, protected distribution system, and combinations of spread spectrum with frequency agility (and even multiple antennas).
Suggestions? Once we agree on the title, I'd like the functions described in the lead to wikilink there, so IPSec can concentrate on a particular set of mechanisms. There may well be good reason to link to a separate set of articles on cryptographic algorithms.
Authentication header
In my experience, there are applications where this is used, when the only requirement is for source authentication and header integrity. Could you give some citations about it not being used?Howard C. Berkowitz 17:46, 15 October 2008 (UTC)
Style and judgments
While an occasional subjective statement is not always out of place, unsourced judgment calls, or text that is argumentative, is just not encyclopedic style:
You can use ESP for encryption with AH for authentication: This has higher overheads than using the authentication in ESP, and no obvious benefit in most cases. The exception might be a network where AH authentication was widely or universally used. If you're going to do AH to conform with network policy, why authenticate again in the ESP layer?
It's perfectly reasonable to cite an article that asks these questions. In the absence of publications, but where the topic is, as the Patent Office puts it, "obvious to one skilled in the art", there may be justification to write a signed article. CZ isn't as compulsive as The Other Place about every word being sourced, but there is a line beyond which sourcing is needed. I think this text goes beyond that line. Might I ask it be rephrased or sourced? Howard C. Berkowitz 01:30, 16 October 2008 (UTC)