mailing list archives
Re: Secure Intranet?
From: Arnaud M. <cyclic () salemioche com>
Date: Mon, 4 Nov 2002 22:33:16 +0100
On Fri, 1 Nov 2002 16:58:26 -0800
"Surmit Walia" <swalia () bay csuhayward edu> wrote:
If HTTPS is not secure enough, than why do banks use them? Just
---> Using a https server don't seem to me secure enough, but it's the
I hope it helps
Nowadays, no web application seems to be secure enough but i'm not expert.
Why https not secure enough and why do banks use them ?
https is http over ssl that's to say encryption of http traffic, authentification of hosts with use of Certificate and
integrity of http data. Network protocol used is IP
VPN ensures encryption using IPSec protocol ( instead of using IP ), authentification of hosts with RADIUS, integrity
VPN offers Private adressing that's to say data is tunneled through internet with private IP for stations ( execpt for
routers intranet/internet )
VPN allows mobile IP that's very comfortable for sb who has to travel and to access to a network anywhere he is.
So in think VPN is more suitable for you than https.
Many banks use https but it doesn't mean that https is secure, it only means that http is unsecure... And banks
websites have to be open to many ppl and https is implemented in every browser. On the contrary, no everybody has
hardware/software for using more secured protocols..
Networking Security policy may be adapted according to the application, and each actor of the communication process.
Sorry for my sloppy english ...