Re: Should security requirements be MUST?

On Mon, Jul 02, 2012 at 11:16:21AM -0700, Joe Touch wrote:
> >If fact, Netscape shipped a time when kernel TCP/IP modules didn't exist
> >on many clients.
> 
> Clearly everything Netscape first shipped with hasn't changed in 17 years.
> 
> Oh, and why it's still available.
> 
> Things change, and there have been many opportunities to use kernel
> modules over the years. "First out" isn't always the winner (or are
> you all using SGML and Fetch?)

Sure, but what it means is that SSL had the first mover advantage.  If
IPSEC was going to displace SSL it would have needed to be
significantly better in terms features, functionality, ease-of-use,
ease-of-deployability, etc.  Unfortunately, the lack of standard API,
the unevenness which OS providers adopted IPSEC, etc., meant that in
the eyes of application developers IPSEC was significantly worse than
SSL, not better.

Yes, today IPSEC support is in most OS's.  And in theory someone could
create a simple, easy to use userspace library which applications
could use, and this API could expose enough information on a per-TCP
connection basis so that a server could make authorization decisions.
(The discussion of whether x.509 certificate names is a wash, given
SSL is also using certificates, so it doesn't matter for the purposes
of this discussion.)  But even supposing all of this work got done,
what's the killer feature that would cause people to want to migrate
to using IPSCEC instead of SSL?