Re: IPSec, VPN and PKI

["Dom De Vitto" <dom_(_at_)_DeVitto_(_dot_)_com>]

IPSEC is a (standard) VPN protocol.

VPNs need shared piecesces of secret information (keys) to encrypt/
decrypt the data going into/out of the tunnel.

Public key technologies can be used transfer these keys securely over
an insecure channel, but the public keys initially need exchanging in
a trustworthy (though not necessarily secret) way, or both ends must
accept that the presented public key is corect and from the right
source.

PKI is a way for these public keys to be distributed.

So, you can do VPNs without knowning any PKI or public key stuff.
But most people at least need to know the basics of public key
crypto before understanding/debugging VPNs, and it's a portable bit
of knowledge - IPSEC, TLS, SSL, PGP, HTTPS and other technologies
are basically wrappers around public key crypto, so understanding it
is a useful thing.


Dom
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Dom De Vitto                                       Tel. 07855 805 271
http://www.devitto.com                         mailto:dom_(_at_)_devitto_(_dot_)_com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


-----Original Message-----
From: owner-misc_(_at_)_openbsd_(_dot_)_org [mailto:owner-misc_(_at_)_openbsd_(_dot_)_org] On Behalf
Of Gustavo Vieira Gonçalves Coelho Rios
Sent: Saturday, July 05, 2003 11:35 PM
To: misc_(_at_)_openbsd_(_dot_)_org
Subject: IPSec, VPN and PKI


Is there any relations between theses three concepts ?
I mean: is one of them a pre-requesite to understand the other ?

Thanks