Date: Thu, 16 Mar 2006 09:05:40 +0100 From: Massimo Lusetti <massimo@cedoc.mo.it> To: Pawel Jakub Dawidek <pjd@FreeBSD.org> Cc: arch@freebsd.org, Robert Watson <rwatson@FreeBSD.org> Subject: KAME/Fast IPSEC (was Re: netatm: plan for removal unless an active maintainer is found) Message-ID: <1142496340.4311.12.camel@massimo.datacode.it> In-Reply-To: <20060315215915.GB16188@garage.freebsd.pl> References: <20060315004530.B5861@fledge.watson.org> <20060314.204252.74651890.imp@bsdimp.com> <20060315105031.E5861@fledge.watson.org> <20060315215915.GB16188@garage.freebsd.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 2006-03-15 at 22:59 +0100, Pawel Jakub Dawidek wrote: > Let me add my two cents. There are actually two things to do with KAME > IPsec: MPSAFE and crypto(9) support and only one thing (IPv6) in case of > fast_ipsec(4), so I think it will be much easier to add IPv6 support to > fast_ipsec(4) and just drop KAME IPsec, so we can have one, full > functional IPsec stack. > > This is really confusing for the users. When I first heard of > fast_ipsec(4) I thought it only works with crypto HW and if I need to do > cryptography in software I need KAME IPsec. > > But that's just an opinion of a passive observer:) I also would like to see more clearness on this, Pawel is right saying it's a confusing situation. Ciao -- Massimo There are more way to do things, one is the bsd-way the others are wrong
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1142496340.4311.12.camel>