At work, I regularly have to set up new IPSec tunnels to our
customers. It's usually a tedious process and requires a lot of
inter-human communication.
Now, imagine other protocols being as fragile as IKE. Imagine HTTP or
SMTP failing most of the time. Every other web page would be
inaccessible for you. How about mail servers that refuse to talk to
each other because they can't agree on whether they're using CR or
CR+LF as line endings? Just imagine stuff like that for a second.
Don't you think it's time for a major revamp? A successor to IKE?
I know, I know. It's never going to happen. People would have to buy
*new hardware* because they're all doing IPSec on some obscure
hardware appliance. Way too expensive.
This is *so* broken.
The entire computing industry is broken. We will *never* get rid of
all that old shit. IPv4 is going to stay forever, so are IKEv1 and
Windows XP. There's too much inertia. You can't replace all the hard-
and software. You just can't.
I wonder what's going to happen when UNIX timestamps overflow.