Date: Wed, 15 Mar 2006 22:59:15 +0100 From: Pawel Jakub Dawidek <pjd@FreeBSD.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: arch@freebsd.org Subject: Re: netatm: plan for removal unless an active maintainer is found Message-ID: <20060315215915.GB16188@garage.freebsd.pl> In-Reply-To: <20060315105031.E5861@fledge.watson.org> References: <20060315004530.B5861@fledge.watson.org> <20060314.204252.74651890.imp@bsdimp.com> <20060315105031.E5861@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--4bRzO86E/ozDv8r1 Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 15, 2006 at 10:54:40AM +0000, Robert Watson wrote: +> Otherwise, with the exception of KAME IPSEC, the network stack code is a= ctually in pretty good shape for removing the Giant compat shims. We've ha= d at least a couple of=20 +> people say they're willing to work on this and take steps in the right d= irection (including some initial patches for IPSEC improvement), but I gues= s we'll see come August=20 +> whether it has happened. The discussion has always been about whether i= t's better to add IPv6 support to FAST_IPSEC, or lock down KAME IPSEC. Bot= h are desirable, and both=20 +> require significant familiarity with the code and protocols involved. Let me add my two cents. There are actually two things to do with KAME IPsec: MPSAFE and crypto(9) support and only one thing (IPv6) in case of fast_ipsec(4), so I think it will be much easier to add IPv6 support to fast_ipsec(4) and just drop KAME IPsec, so we can have one, full functional IPsec stack. This is really confusing for the users. When I first heard of fast_ipsec(4) I thought it only works with crypto HW and if I need to do cryptography in software I need KAME IPsec. But that's just an opinion of a passive observer:) --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --4bRzO86E/ozDv8r1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFEGI4yForvXbEpPzQRAuNJAKCJp1AqWN4F9QsSPY3rkNwFwMA5LQCfRNx3 T9TlhIZqePaUpBJsOgzfJ68= =L8YU -----END PGP SIGNATURE----- --4bRzO86E/ozDv8r1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060315215915.GB16188>