Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 06 Jul 2000 03:57:51 +0900
From:      itojun@iijlab.net
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        Kris Kennaway <kris@FreeBSD.org>, current@FreeBSD.org
Subject:   Re: KAME integration and plans
Message-ID:  <12255.962823471@coconut.itojun.org>
In-Reply-To: rwatson's message of Wed, 05 Jul 2000 13:24:07 -0400. <Pine.NEB.3.96L.1000705132132.28854C-100000@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help

>This is great news -- one of the big hangups in our interop testing at NAI
>Labs was the like of IKE on FreeBSD.  I notice that right now racoon is a
>port -- assuming this interpretation is correct, are their any plans to
>integrate racoon as a base system component?  As you point out, without
>IKE, FreeBSD's IPsec implementation is effectively useless for
>cross-platform communication due to the number of frobs in SA
>configuration.  I also look forward to the rapid MFC'ing, assuming that
>the code works :-).

	this is because we expect to have so many many changes/improvements
	in racoon - once we put racoon into base tree, we need to be much
	more careful about backward-compatibility in config file, for
	example.  also, we need to improve kernel policy management for
	socket-based policy, and process-to-process policy inheritance.

itojun


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?12255.962823471>