Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 18 Feb 2011 13:21:31 +0000 (UTC)
From:      VANHULLEBUS Yvan <vanhu@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r218796 - head
Message-ID:  <201102181321.p1IDLVU6059065@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: vanhu
Date: Fri Feb 18 13:21:30 2011
New Revision: 218796
URL: http://svn.freebsd.org/changeset/base/218796

Log:
  Moved the general note about FreeBSD 9.x at the beginning of the list.

Modified:
  head/UPDATING

Modified: head/UPDATING
==============================================================================
--- head/UPDATING	Fri Feb 18 09:47:58 2011	(r218795)
+++ head/UPDATING	Fri Feb 18 13:21:30 2011	(r218796)
@@ -9,16 +9,6 @@ handbook.
 Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running portupgrade.
 
-20110218:
-	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
-	compliant, and will now use half of hash for authentication.
-	This will break interoperability with all stacks (including all
-	actual FreeBSD versions) who implement
-	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
-	authentication).
-	The only workaround with such peers is to use another HMAC
-	algorithm for IPsec ("phase 2") authentication.
-
 NOTE TO PEOPLE WHO THINK THAT FreeBSD 9.x IS SLOW:
 	FreeBSD 9.x has many debugging features turned on, in both the kernel
 	and userland.  These features attempt to detect incorrect use of
@@ -32,6 +22,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 9.
 	machines to maximize performance.  (To disable malloc debugging, run
 	ln -s aj /etc/malloc.conf.)
 
+20110218:
+	IPsec's HMAC_SHA256-512 support has been fixed to be RFC4868
+	compliant, and will now use half of hash for authentication.
+	This will break interoperability with all stacks (including all
+	actual FreeBSD versions) who implement
+	draft-ietf-ipsec-ciph-sha-256-00 (they use 96 bits of hash for
+	authentication).
+	The only workaround with such peers is to use another HMAC
+	algorithm for IPsec ("phase 2") authentication.
+
 20110207:
 	Remove the uio_yield prototype and symbol.  This function has
 	been misnamed since it was introduced and should not be

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102181321.p1IDLVU6059065>