lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <190DFDD2F99A65469B4B15D3658C0D2BAB9FE8@ptc6.ponderosatel.com> From: daniels at Ponderosatel.com (Daniel Sichel) Subject: RE: Full-Disclosure digest, Vol 1 #2001 - 32 msgs >In that case, I assume you are using IPSEC with shared secrets instead >of certificates, no? > You got that right. A cerificate is only as good as the server that issued it, and the directory it's in. Which in the case of Winblows is not good enough. Therefore my shared secrets are kept in a directory never shared, secured to the user and admin only, and maintained by yours truly. If I could use OpenBSD clients instead, I would, but my boss won't by off on a pure thin client solution. Dan S.
Powered by blists - more mailing lists