Discussion:
Info required on IpSec code
(too old to reply)
Dutta Dwaip
2007-12-10 15:32:29 UTC
Permalink
Are the following IPSec RFCs supported in NetBSD or FreeBSD latest code base:
RFC 4302 -- Authentication Header
RFC 4303 -- ESP
RFC 4305 -- Cryptographic algorithms support

Is there any place which clearly tells which RFCs are supported ?

Thanks,
Dutta

--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Arnaud Degroote
2007-12-10 16:34:52 UTC
Permalink
Post by Dutta Dwaip
RFC 4302 -- Authentication Header
RFC 4303 -- ESP
RFC 4305 -- Cryptographic algorithms support
Is there any place which clearly tells which RFCs are supported ?
I fear that RFC 4302 and 4303 are not supported. The current
implementation is mostly conform to RFC 2402 / 2406. I'm sure that we
don't support ESN (Extented Sequence Number) and I'm not really sure
about the status of our ipsec and multicast. Concerning 'combined' mode,
I don't think we support them too but I'm not sure it is a requirement
(as RFC 4305 doesn't propose any real combined algorithm).

Concerning RFC 4305, I think everything is supported in NetBSD/FreeBSD,
at least in fast_ipsec implementation (not check the other one).

You may find informations about what is exactly supported in ipsec(4).

I hope it will be helpful.
--
Arnaud Degroote
***@netbsd.org


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de
Loading...