Subject Re: [IB-Architect] Including encryption
Author Bill Karwin
My opinion is motivated by prioritization of InterBase features. I admit
that's out of place on this list. My apologies.

I think there are a significant number of cases where network encryption is
redundant because a security-conscious site already encrypts the network
transparently to application protocols like InterBase. If that's the case,
then why bother with encryption in the InterBase protocol when we could
concentrate on other features? It's a priorities argument.

InterBase encryption is a fine idea for those other sites that want
encryption but do not have or need VPNs or transparent encryption solutions
in general (there are also hardware-based encryption solutions).

Other specific comments below:

----- Original Message -----
From: "Doug Chamberlin" <dchamberlin@...>
> But if we had database level encryption of some sort we might not have to
> go to the VPN level at all.

Ah, but you're missing the point. That's a technical argument that you're
using, and these potential IT shops that I have in mind (I have had the
pleasure of working with one this week) don't respond to technical
arguments. They have their policy and that's that.

> > They are *not* going to open up port 3050, even if
> > InterBase includes encryption technology.
>
> But an argument can be made that a database product needs *some* port on
> which to communicate and since we can redirect Interbase to another port
> number they can pick which one they are willing to assign.

They don't need to open up any port.

Tunneling works by passing all traffic over one port, and then sorting out
where each connection goes after it's passed through the tunnel. So
InterBase can still use 3050 even though the firewall doesn't open port 3050
to the outside world. Traffic going through the tunnel on port, for
instance, UDP 50, is tagged with the real port it's trying to use. Once it
passes inside the VPN boundary, different connections are directed to the
port they want.

The point is that a policy for a VPN just plain won't allow port 3050 or
anything else to be opened, and it doesn't have to. Everything has to go
through the tunnel, and therefore all the traffic is encrypted. In these
situations, InterBase-supplied encryption is redundant and likely to be
weaker than that of the VPN.

Here's an article on VPN technology (from July 1997):
http://www.byte.com/art/9707/sec6/art3.htm

Bill Karwin
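The tunnel/firewall interaction Bill describes (one permitted outer port, the real destination port carried inside the tunnel, demultiplexing once past the VPN boundary) as an added, self-contained model. This is illustration code written for this page, not part of the post, of InterBase, or of any VPN product. Assumptions: the outer port is 50 only because the post uses "UDP 50" as its example; the inner header, the shared key, the `ib-ack:` stand-in for the InterBase service and the hypothetical `encapsulate`/`decapsulate`/`deliver` helpers are all constructed here; and, unlike a real VPN, the toy only authenticates the inner datagram with an HMAC rather than encrypting it.

```python
"""Toy model of tunneling through a firewall that opens only one port.

Constructed example, not InterBase or VPN code: every inner datagram is
wrapped in an outer datagram addressed to the single permitted port; the
inner header records the real destination port (3050 for InterBase), so
the firewall never sees 3050 and the tunnel endpoint inside demultiplexes.
"""
import hashlib
import hmac
import struct

TUNNEL_PORT = 50        # assumption: the one outer port the firewall permits
INTERBASE_PORT = 3050   # InterBase's default port, from the post
FIREWALL_ALLOWED = {TUNNEL_PORT}
TUNNEL_KEY = b"constructed-demo-key-not-for-real-use"  # shared tunnel key (constructed)

INNER_HDR = struct.Struct("!HH")  # inner destination port, payload length
TAG_LEN = hashlib.sha256().digest_size


def encapsulate(inner_dst_port, payload, key=TUNNEL_KEY):
    """Wrap an inner datagram for the tunnel; returns (outer_port, outer_datagram).

    A real VPN would also encrypt the inner datagram. This toy only adds an
    HMAC tag so the tunnel endpoint can reject forged or corrupted traffic.
    """
    inner = INNER_HDR.pack(inner_dst_port, len(payload)) + payload
    tag = hmac.new(key, inner, hashlib.sha256).digest()
    return TUNNEL_PORT, tag + inner


def firewall_permits(outer_dst_port, allowed=FIREWALL_ALLOWED):
    """The perimeter policy: it inspects only the outer header."""
    return outer_dst_port in allowed


def decapsulate(outer_datagram, key=TUNNEL_KEY):
    """Verify the tag and recover (inner_dst_port, payload); raise on tampering."""
    if len(outer_datagram) < TAG_LEN + INNER_HDR.size:
        raise ValueError("truncated tunnel datagram")
    tag, inner = outer_datagram[:TAG_LEN], outer_datagram[TAG_LEN:]
    expected = hmac.new(key, inner, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tunnel authentication failed")
    port, length = INNER_HDR.unpack_from(inner)
    payload = inner[INNER_HDR.size:INNER_HDR.size + length]
    if len(payload) != length:
        raise ValueError("inner length mismatch")
    return port, payload


def deliver(outer_dst_port, datagram, services):
    """Simulate the path firewall -> tunnel endpoint -> inside service.

    `services` maps inner port -> handler(payload). Returns the handler's
    result, or None when the firewall drops the packet, the tunnel rejects
    it, or nothing listens on the inner port.
    """
    if not firewall_permits(outer_dst_port):
        return None  # dropped at the perimeter; this is what happens to raw 3050 traffic
    try:
        inner_port, payload = decapsulate(datagram)
    except ValueError:
        return None  # forged or garbled tunnel traffic is dropped as well
    handler = services.get(inner_port)
    return handler(payload) if handler else None


# Constructed stand-in for the InterBase listener behind the firewall.
SERVICES = {INTERBASE_PORT: lambda data: b"ib-ack:" + data}

if __name__ == "__main__":
    query = b"SELECT 1 FROM RDB$DATABASE"
    print("direct to 3050 :", deliver(INTERBASE_PORT, query, SERVICES))
    outer_port, dgram = encapsulate(INTERBASE_PORT, query)
    print("tunneled via 50:", deliver(outer_port, dgram, SERVICES))
    tampered = dgram[:-1] + bytes([dgram[-1] ^ 1])
    print("tampered       :", deliver(outer_port, tampered, SERVICES))
```

Run it and the first and third cases come back as None while the tunneled case reaches the service: the firewall rule set never contains 3050, yet an InterBase client inside the tunnel still talks to 3050. The tamper case is the reason tunnel endpoints authenticate (and in practice encrypt) the inner traffic: the perimeter rule alone says nothing about who injected the datagram on port 50.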