Re: Still no IPSEC for TCP/IP services?

On May 22, 2:23 am, Dirk Munk <m...@xxxxxxx> wrote:
Steven Underwood wrote:

"Dirk Munk" wrote in message
news:4797c$4fbac358$5ed43999$22551@xxxxxxxxxxxxxxxxxxxxxxxxx

I'm planning to set up a couple of new OpenVMS systems, and I was
thinking of using IPSEC as well. I was amazed to find that IPSEC is
not included in the present version of TCP/IP services. It was
included in the Early Adopters Kit for TCP/IP services 5.7 in 2007
(!!!!), but it never made it to the final version and wasn't added
later on.

As far as I know IPSEC is a mandatory part of IPv6, so the IPv6 stack
of TCP/IP services isn't complete either. It may well be that there is
more modern functionality missing in the IPv6 stack

Does any one know what happened, why was HP not capable of producing a
full functional IPSEC stack in 5 years time? Even Windows Vista has
IPSEC........

Dirk: The EAK is still the only version of IPSEC as far as I have heard..
There are very few people (one other, really) asking for it. Your
arguments mirror his.

I personally have no use for IPSEC or IPv6 on VMS or not. That also
seems to be the general consensus I seen here toward IPv6 and IPSEC on VMS.

Steven Underwood

Thanks Steve.

I never liked IP anyway. It seems to be one enormous hobby project where
lots of people and groups are producing solutions for many different
problems without any conceptional thinking. The result is mountains of
RFC's

Encryption is a prime example. If you want to keep your data
communication secret then you will need encryption. But if you want to
encrypt your data transport between two nodes, then it looks obvious to
me that you should want to encrypt all data, and IPSEC does just that
for IP traffic.



I understand why HP wouldn't spend $$$$$$$ to develop something that
can be had for $$. Moving data between two nodes via the internet
requires an appliance at each end, so the connection is not node-to-
node, it's appliance-to-appliance. Any of the appliances I would
consider using for any full-time secure connection have IPsec built-
in.

For some-time/part-time connections, SSL works just fine and is soooo
much easier to manage.
.

Relevant Pages

  • Re: Still no IPSEC for TCP/IP services?
    ... I was amazed to find that IPSEC is ... not included in the present version of TCP/IP services. ... communication secret then you will need encryption. ... higher layers if possible. ...
    (comp.os.vms)
  • Re: HP TCP/IP for OpenVMS IPsec EAK
    ... Adopters Kit is now available for download (Alpha and ... Can IPsec a la mode de VMS talk to Windows IPsec? ... Announcing the HP TCP/IP Services for OpenVMS IPsec T5.7 Early ...
    (comp.os.vms)
  • Re: Still no IPSEC for TCP/IP services?
    ... I was amazed to find that IPSEC is ... not included in the present version of TCP/IP services. ... communication secret then you will need encryption. ... Buy an inexpensive appliance that's ...
    (comp.os.vms)
  • Re: Still no IPSEC for TCP/IP services?
    ... I was amazed to find that IPSEC is ... not included in the present version of TCP/IP services. ... connections established directly from the appliance. ...
    (comp.os.vms)
  • Re: The continued ham-stringing of IPsec/VMS - Cui Bono? - TUDs - Bobby Ewing
    ... Can someone please explain to me what obstacles are preventing IPsec ... So which corners would be cut by certifying IPsec with VMS 8.4 TCP/IP 5.7 ... for the whole of the operating system and all of TCP/IP services (just not ... Or perhaps it is also imprudent to ship untested and uncertified IPsec code ...
    (comp.os.vms)