Discussing firewalls, ses@tipper.oit.unc.edu (Simon Spero) writes:

What do you need as well as crypto before you can remove all firewalls?

What firewalls do is they allow an independent group of people to track external network access and enforce rules over a large population of hosts. Given that just about any security installed on a workstation can be overcome (inadvertently or consciously) by someone with physical access to it, I doubt firewalls will ever go away entirely. Today's techniques will no doubt evolve and change in varous ways over time. But I'd be surprised if the function went away entirely. Until Netscape came out I suspected that desktop crypto wouldn't make the bigtime soon, simply because there are too many ways to do it wrong. Netscape has demonstrated that doing it wrong is no impediment to deployment. Organizations that want to do crypto well are probably going to concentrate crypto services in a few closely managed hosts to reduce the risk of messing things up. Rick. smith@sctc.com secure computing corporation