Re: Fwd: Re: [Vrs-development] More info

[Bill Lance]

--- Open Source <address@hidden> wrote:

> 
> Why not use IDSec for this purpose? Do u think it
> might fit our work?
> 

Don't know much about it, except it's implemented in
PHP.  And as far as we understand it now, that is the
third service level talked about in the Architecture
page, the 'encapsulated Total server'.  That means
that the LDS runs with the full programatic resources
of a dedicated server, but within the LDS sandbox.

That's a problem we have not even begun to look at.



 
> I wasn't thinking abt this project alone. I was
> thinking of a cluster in US with a LDS from another
> country joining this node. Will not the export
> policy
> of US prevent the LDS from providing maybe a 128 bit
> encryption? If we decide to use SSL, then we might
> have to provide a 40 bit encryption for LDS outside
> US
> soil.
> 

Ah ... But I don't think that means that 128 bit, or
higher, is illegal outside of the US if it originates
from outside the US.  But you are absolutly right that

these questions need to be addressed.


>  
> > Know anyone who might bring some expertese to
> that?
> > 
> >  
> We could try this on the All hands meet.
> 
> I have an idea. It is quite difficult to determine
> when an attack can take place. Don't u think it will
> be better if we have a default intrusion detection
> system in place such as netsaint (www.netsaint.org),
> opennms (www.opennms.org), snort
> (www.sourcefire.com/snort)
> 
>

Ya ... especially if we can figure out the
'encapsulated server' thing.


__________________________________________________
Do You Yahoo!?
Yahoo! Sports - live college hoops coverage
http://sports.yahoo.com/