From owner-freebsd-security@FreeBSD.ORG  Thu Dec 16 15:17:58 2010
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 6C2911065670
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:17:58 +0000 (UTC)
	(envelope-from mailnull@mips.inka.de)
Received: from mail-in-07.arcor-online.net (mail-in-07.arcor-online.net
	[151.189.21.47])
	by mx1.freebsd.org (Postfix) with ESMTP id 1E7438FC12
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:17:57 +0000 (UTC)
Received: from mail-in-12-z2.arcor-online.net (mail-in-12-z2.arcor-online.net
	[151.189.8.29]) by mx.arcor.de (Postfix) with ESMTP id 8C7BC1081C9
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:47:09 +0100 (CET)
Received: from mail-in-06.arcor-online.net (mail-in-06.arcor-online.net
	[151.189.21.46])
	by mail-in-12-z2.arcor-online.net (Postfix) with ESMTP id 7DD581DF394
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:47:09 +0100 (CET)
Received: from lorvorc.mips.inka.de (dslb-094-217-108-083.pools.arcor-ip.net
	[94.217.108.83])
	by mail-in-06.arcor-online.net (Postfix) with ESMTPS id 4D5AD10C127
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:47:09 +0100 (CET)
X-DKIM: Sendmail DKIM Filter v2.8.2 mail-in-06.arcor-online.net 4D5AD10C127
Received: from lorvorc.mips.inka.de (localhost [127.0.0.1])
	by lorvorc.mips.inka.de (8.14.4/8.14.3) with ESMTP id oBGEl8BT022314
	for <freebsd-security@freebsd.org>;
	Thu, 16 Dec 2010 15:47:08 +0100 (CET)
	(envelope-from mailnull@lorvorc.mips.inka.de)
Received: (from mailnull@localhost)
	by lorvorc.mips.inka.de (8.14.4/8.14.4/Submit) id oBGEl8dh022313
	for freebsd-security@freebsd.org; Thu, 16 Dec 2010 15:47:08 +0100 (CET)
	(envelope-from mailnull)
From: naddy@mips.inka.de (Christian Weisgerber)
Date: Thu, 16 Dec 2010 14:47:08 +0000 (UTC)
Message-ID: <ied8pc$lj8$1@lorvorc.mips.inka.de>
References: <4d08a854.w8rPywliRhHs/MXH%akosela@andykosela.com>
	<AANLkTind3UU+NbJeF6-nKrcZgUV6aEY93cwtWuO1yVFV@mail.gmail.com>
	<AANLkTi=J+w1ev6=x3eUP8nQy6fVWw_cyf=nP=zD8TnOd@mail.gmail.com>
	<AANLkTiky7GAJba_T4Ry3T+URi-O4uynstjw4TtU04kOx@mail.gmail.com>
Originator: naddy@mips.inka.de (Christian Weisgerber)
To: freebsd-security@freebsd.org
Subject: Re: Allegations regarding OpenBSD IPSEC
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Dec 2010 15:17:58 -0000

Rob Farmer <rfarmer@predatorlabs.net> wrote:

> They won't be secondary if someone does find a minor bug in the
> network stack (regardless who introduced it or if it is even related),
> which will probably happen given the attention this will invariably
> receive.

Here's the first one:
http://marc.info/?l=openbsd-cvs&m=129245633605693&w=2

(Not a back door, but actually recommended practice at the time,
see RFC 2451.)
-- 
Christian "naddy" Weisgerber                          naddy@mips.inka.de