Date: Thu, 3 Dec 1998 12:31:37 +0200 (SAT) From: Graham Wheeler <gram@cdsec.com> To: hackers@FreeBSD.ORG Subject: Re: Can we just come to a decision on IPv6 and IPSec? Message-ID: <199812031031.MAA29796@cdsec.com>
next in thread | raw e-mail | index | archive | help
Just my $0.02: We are currently using KAME in our firewall, which is running on 2.2.7 at present. I know the concern is what about 3.x, but the KAME guys are aiming at that. Our experience is that the KAME guys are putting in a serious amount of effort (do they ever sleep, we sometimes wonder). The IPSec code is working well. The IKE code does transport mode but not tunnel mode at present, and only uses shared secret keys at present. But work is progressing at a good rate. Photuris may work, but never made it past the draft standard stage (even though it is arguably better than IKE). Photuris may be a short term solution, but eventually IKE must be supported. I'm not too familiar with the other IPSec implementations, but the level of commitment and progress being made by the KAME group gets them our vote. -- Dr Graham Wheeler E-mail: gram@cdsec.com Citadel Data Security Phone: +27(21)23-6065/6/7 Internet/Intranet Network Specialists Mobile: +27(83)253-9864 Firewalls/Virtual Private Networks Fax: +27(21)24-3656 Data Security Products WWW: http://www.cdsec.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812031031.MAA29796>