Archive of UserLand's first discussion group, started October 5, 1998.

Re: fyi:etunnels

Author:Dennis Peterson
Posted:9/20/1999; 2:49:35 PM
Msg #:11296 (In response to 11295)
Prev/Next:11295 / 11297

From their FAQ:

Is eTunnels secure?

Yes. All authentication and authorization to your shares is managed by the eTunnels server. The eTunnels server administers all approvals and privileges between the all the eTunnels clients (the software you and your group members downloaded from eTunnels) in your group. All communication between the eTunnels clients and the eTunnels server is made over SSL using 128bit DSA encryption. This encryption method is very secure and ensures that control communication is not intercepted or spoofed. Access keys for the shares are passed through this encrypted, secure channel. As a result, it is very difficult to capture the keys for the shares.

So I'm supposed to take all my information that is sensitive enough for me to think about a VPN, and pass it through the eTunnels server, trusting them not to read it. Right. Not to mention they have very little information on their security, other than this one paragraph which mentions "DSA encryption." (DSA is a Digital Signature Algorithm which is not used for encryption.) And it's not that simple to get it right--Bruce Schneier found half a dozen serious holes in Microsoft's VPN. I think I'll pass.

This page was archived on 6/13/2001; 4:52:44 PM.

© Copyright 1998-2001 UserLand Software, Inc.