From owner-svn-src-all@FreeBSD.ORG Mon Feb 21 19:14:14 2011 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D40151065673 for ; Mon, 21 Feb 2011 19:14:14 +0000 (UTC) (envelope-from dougb@dougbarton.us) Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by mx1.freebsd.org (Postfix) with ESMTP id 7961D8FC1C for ; Mon, 21 Feb 2011 19:14:14 +0000 (UTC) Received: (qmail 29216 invoked by uid 399); 21 Feb 2011 19:14:10 -0000 Received: from router.ka9q.net (HELO doug-optiplex.ka9q.net) (dougb@dougbarton.us@75.60.237.91) by mail2.fluidhosting.com with ESMTPAM; 21 Feb 2011 19:14:10 -0000 X-Originating-IP: 75.60.237.91 X-Sender: dougb@dougbarton.us Message-ID: <4D62B980.2090606@dougbarton.us> Date: Mon, 21 Feb 2011 11:14:08 -0800 From: Doug Barton Organization: http://SupersetSolutions.com/ User-Agent: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.2.13) Gecko/20110129 Thunderbird/3.1.7 MIME-Version: 1.0 To: VANHULLEBUS Yvan References: <201102180940.p1I9eD29050530@svn.freebsd.org> <20110219073412.GC2016@garage.freebsd.pl> <20110221084025.GA14934@zeninc.net> <20110221092143.GA1766@garage.freebsd.pl> <20110221110156.GA15358@zeninc.net> In-Reply-To: <20110221110156.GA15358@zeninc.net> X-Enigmail-Version: 1.1.2 OpenPGP: id=1A1ABC84 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org, Pawel Jakub Dawidek Subject: Re: svn commit: r218794 - in head: . sys/netipsec X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Feb 2011 19:14:14 -0000 On 02/21/2011 03:01, VANHULLEBUS Yvan wrote: > On Mon, Feb 21, 2011 at 10:21:43AM +0100, Pawel Jakub Dawidek wrote: >> > On Mon, Feb 21, 2011 at 09:40:25AM +0100, VANHULLEBUS Yvan wrote: > [RFC4868 and MFC] >> > You can't talk to two such peers with sysctl or without anyway. I assume >> > that if someone already has tunnels configured and they work, they work, >> > because the other end uses 96 bits hashes. Once he upgrades there is no >> > way to get old behaviour back quickly. >> > >> > You are changing on-the-wire protocol in the middle of stable branch. Am >> > I alone in thinking that this is bad idea? > That's a good question. > Of other people also think it's a bad idea, I can just forget the MFC. > But the same problem will happen when we'll release 9.0. > Of course, this is easier to explain, as this will be a new branch. IMO RFC compliance trumps -stable here. Admittedly some small percentage of users will be inconvenienced, and that is unfortunate. However all users who start using this technology from here forward should get the full RFC compliant version. As Bjoern pointed out, we'll see more of this, not less because oddly enough RFC publication (like many other external factors) do not revolve around our release schedules. :) hth, Doug -- Nothin' ever doesn't change, but nothin' changes much. -- OK Go Breadth of IT experience, and depth of knowledge in the DNS. Yours for the right price. :) http://SupersetSolutions.com/