Date: Mon, 18 Jun 2001 17:54:16 +0100 From: Brian Somers <brian@Awfulhak.org> To: mi@aldan.algebra.com Cc: kris@obsecurity.org, brian@FreeBSD.org, cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org, brian@Awfulhak.org Subject: Re: cvs commit: src/usr.sbin/ppp ccp.c ccp.h command.c deflate.c fsm.c fsm.h ip.c mppe.c ppp.8 pred.c Message-ID: <200106181654.f5IGsGh07484@hak.lan.Awfulhak.org> In-Reply-To: Message from mi@aldan.algebra.com of "Mon, 18 Jun 2001 12:44:41 EDT." <200106181644.f5IGig097507@misha.privatelabs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 18 Jun, Kris Kennaway wrote:
> > On Mon, Jun 18, 2001 at 11:24:10AM -0400, Mikhail Teterin wrote:
> >> > Log:
> >> > Add support for stateful MPPE (microsoft encryption) providing
> >> > encryption compatibility with Windows 2000. Stateful encryption
> >> > uses less CPU but is bad on lossy transports.
> >>
> >> So, I suppose, I'll now be able to avoid using SSH and use PPP
> >> with encryption over a device like host:port/tcp directly, without
> >> the
> >> set login "!ssh tunnel@host"
> >>
> >> Great! Thanks,
> >
> > Only if you trust microsoft not to have screwed up the crypto, like
> > they usually do with their protocols.
>
> Well, I'm only planning to use the FreeBSD implementation of the
> protocol, which, was done from scratch and audited. Or was it not?
I'm afraid it hasn't been audited, but it's been tested fairly
thoroughly against a win2k installation.
If anyone is keen to audit it, feel free to ask me any questions. I
didn't pass it by freebsd-audit.
> -mi
--
Brian <brian@freebsd-services.co.uk> <brian@Awfulhak.org>
http://www.freebsd-services.co.uk/ <brian@[uk.]FreeBSD.org>
Don't _EVER_ lose your sense of humour ! <brian@[uk.]OpenBSD.org>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106181654.f5IGsGh07484>