OMB: IPv6 by June 2008

• Previous message (by thread): OMB: IPv6 by June 2008
• Next message (by thread): OMB: IPv6 by June 2008
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I don't want to get into an SSL vs. IPsec argument, but...

David Conrad <david.conrad at nominum.com> writes:
>> Compare with SSL (works out-of-the-box in 99.999% cases,
>> and allows both, full and hard security with root certificates etc, or
>> simple security based on _ok, I trust you first time, then we can
>> work_.
>
> a) I suspect most SSL implementations derive out of the same code base.

I'd be surprised if this is correct. The three major SSL/TLS 
implementations by deployment are:

1. OpenSSL (used in Apache2, ApacheSSL, and mod_ssl)
2. Microsoft (used in IE and IIS)
3. Firefox/Mozilla (based on Netscape's NSS).

These are all genetically distinct. In addition, there are at least
three independent Java implementations (JSSE, PureTLS, SSLava).
In addition, Terisa Systems (now Spyrus) independently implemented
SSLv3 (though our v2 stack had some of Netscape's SSLref stack)
and I believe that Consensus development did so as well.

-Ekr

• Previous message (by thread): OMB: IPv6 by June 2008
• Next message (by thread): OMB: IPv6 by June 2008
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]