Date: Wed, 2 Dec 1998 17:48:09 -0800 (PST) From: Christopher Nielsen <enkhyl@scient.com> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: Ollivier Robert <roberto@keltia.freenix.fr>, hackers@FreeBSD.ORG Subject: Re: Can we just come to a decision on IPv6 and IPSec? Message-ID: <Pine.BSF.4.05.9812021645210.321-100000@ender.sf.scient.com> In-Reply-To: <9801.912642136@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2 Dec 1998, Jordan K. Hubbard wrote: > > They're supposed to be able to talk to each others. Key distribution (IKE) > > is still a hot topic for every IPsec implementation anyway. > > Yes, but Photuris seems to work "well enough" to serve OpenBSD's needs > and all I'm looking for is an equivalent level of functionality. I'll > say it again, if either KAME or INRIA can give us _equivalent_ > functionality to what's being used today, I'd say the choice will be > pretty clear since it's not the vaporware features we want to be > basing our decision on. I think OpenBSD just recently started to develop IKE in their IPsec implementation (this is based on commit messages I saw go by). The port that's sitting in the PR database uses Photuris, which only supports pre-shared secrets. KAME is starting to use IKE for establishing SAs (Security Associations). IKE is the future of IPsec. KAME also supports IPsec in both IPv6 and IPv4. Also, I'd say Mike Smith has a good point about three active, paid, full-time developers for KAME, as well. -- Christopher Nielsen Scient: The eBusiness Systems Innovator <http://www.scient.com>; cnielsen@scient.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.05.9812021645210.321-100000>