From: Andy Kosela
To: Christian Weisgerber
Cc: freebsd-security@freebsd.org
Date: Thu, 16 Dec 2010 17:41:35 +0100
Subject: Re: Allegations regarding OpenBSD IPSEC

On Thu, Dec 16, 2010 at 3:47 PM, Christian Weisgerber wrote:
> Rob Farmer wrote:
>
>> They won't be secondary if someone does find a minor bug in the
>> network stack (regardless who introduced it or if it is even related),
>> which will probably happen given the attention this will invariably
>> receive.
>
> Here's the first one:
> http://marc.info/?l=openbsd-cvs&m=129245633605693&w=2

Like des@ wrote in the other post, even if the backdoor is still
present in the OpenBSD code, IMHO it is very probable that FreeBSD is
unaffected, as the FreeBSD OCF implementation has been substantially
modified.

http://www.usenix.org/publications/library/proceedings/bsdcon03/tech/leffler_crypto/leffler_crypto.pdf

Either way we will all know for sure in the not distant future...

--Andy