lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri Jun 9 16:35:56 2006 From: michael.holstein at csuohio.edu (Michael Holstein) Subject: SSL VPNs and security > SSL certificates are free. You just have to have enough knowledge to > distribute your own CA certificate. For a VPN appliance, this should > not be a problem at all, since only your trusted users should be > accessing it. Even if you aren't competent enough to figure out how to > distribute your own CA certificate, I believe there are such things as > wildcard certificates. Great .. setup a SSL vpn, then tell your users it's okay to click "yes" on the "untrusted certificate" popup. Sure, it's trivial to create self-signed certs (or run a CA), but distributing your cert (or the CA cert) to all but a handful of clients is a logistical nightmare. If you're going to be installing stuff, might as well make that a IKE/IPSEC client and do it the right way to begin with. /mike.
Powered by blists - more mailing lists