Date: Sun, 1 Mar 1998 00:01:55 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> To: Ollivier Robert <roberto@keltia.freenix.fr> Cc: freebsd-security@FreeBSD.ORG Subject: Re: crypto tunnel - international Message-ID: <Pine.BSF.3.96.980228235805.25827A-100000@trojanhorse.pr.watson.org> In-Reply-To: <19980301025112.A25490@keltia.freenix.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 1 Mar 1998, Ollivier Robert wrote: > According to Jordan K. Hubbard: > > I really don't see what OpenBSD can export which we cannot and it would > > be really nifty if you could give us details on what is missing from > > FreeBSD. > > They have IPsec in /usr/src along with Photuris (key management). IPsec sounds great, but I was under the impression that Photuris was largely not happening, and that ISA-KMP was being used. I'm a little behind in the IPsec world, but the impression I last had was "ISA-KMP/Oakley: feature-poor, here today, and well-presented; Photuris: does everything, not here today, and with a very split design base because of disagreements in the working group" or something. I was also under the impression that the FreeBSD reason for holding out in having an IPsec implementation shipped with the system was that the plethora of implementations out there had largely not matured, and we would wait for a clear winner. Again, I haven't followed IPsec closely at all -- DNSsec and distributed file system security (Coda, etc) are really my areas of interest :). Robert N Watson Carnegie Mellon University http://www.cmu.edu/ SafePort Network Services http://www.safeport.com/ robert@fledge.watson.org http://www.watson.org/~robert/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980228235805.25827A-100000>