encrypted app inside encrypted tunnel.... why?
Yann Renard
yann.renard.mailing-lists "at" tiscali.fr
Mon Apr 25 20:05:01 2005
Erik Soderquist wrote:
> I've a question... isn't the point of connecting via a vpn so you don't
> have to be concerned about the security of individual apps since the vpn
> connection itself is supposed to be secure? I very often see references
> to using an encrypted app with a vpn link, and similarly so references
> to not caring about the security of the app until *after* it is going to
> be used in the encrypted vpn tunnel?
>
> can someone please explain this seemingly backwards logic?
Depending on the security level you need, the vpn may not be secure
enough... It just protects the connection regarding out-of-the-vpn
people. But it does not provide protection against people present on the
vpn. Therefore, one may want to double-encrypt the connection to
definitely protect the travelling data.
Hope this helps...
Regards,
Yann