IPSEC == end of firewalls (was Re: (fwd) e$: PBS NewsHour, Path Dependency, IPSEC, Cyberdog, and the Melting of Mr.)

[Pete Loshin]

More to the point, I don't think it's possible to trust the 
security of the network software USERS in any case.

-Pete Loshin
 pete at loshin.com

Perry Metzger wrote:
>Nelson Minar writes:
>> I'm all for the end of ridiculous non-TCP/IP protocols, but does
>> anyone believe this point about encrypted IP traffic eliminating the
>> need for firewalls?
>
>There is division in the IETF community on this point.
>
>Phil Karn (who I have the greatest respect for) thinks IPSEC means we
>can get rid of the firewalls. I, for one, don't -- they are there
>largely because people don't trust that their networking software is
>free of security holes, and cryptography doesn't fix security holes
>for the most part.
>
>Perry