KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active
maintainer is found)
Massimo Lusetti
massimo at cedoc.mo.it
Thu Mar 16 08:05:46 UTC 2006
On Wed, 2006-03-15 at 22:59 +0100, Pawel Jakub Dawidek wrote:
> Let me add my two cents. There are actually two things to do with KAME
> IPsec: MPSAFE and crypto(9) support and only one thing (IPv6) in case of
> fast_ipsec(4), so I think it will be much easier to add IPv6 support to
> fast_ipsec(4) and just drop KAME IPsec, so we can have one, full
> functional IPsec stack.
>
> This is really confusing for the users. When I first heard of
> fast_ipsec(4) I thought it only works with crypto HW and if I need to do
> cryptography in software I need KAME IPsec.
>
> But that's just an opinion of a passive observer:)
I also would like to see more clearness on this, Pawel is right saying
it's a confusing situation.
Ciao
--
Massimo
There are more way to do things, one is the bsd-way the others are wrong
More information about the freebsd-arch
mailing list