From owner-freebsd-net@FreeBSD.ORG  Sun Apr  8 14:36:29 2007
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: net@FreeBSD.org
Delivered-To: freebsd-net@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 7F5A316A403
	for <net@FreeBSD.org>; Sun,  8 Apr 2007 14:36:29 +0000 (UTC)
	(envelope-from gnn@neville-neil.com)
Received: from mrout1-b.corp.dcn.yahoo.com (mrout1-b.corp.dcn.yahoo.com
	[216.109.112.27])
	by mx1.freebsd.org (Postfix) with ESMTP id 4A65913C44B
	for <net@FreeBSD.org>; Sun,  8 Apr 2007 14:36:29 +0000 (UTC)
	(envelope-from gnn@neville-neil.com)
Received: from minion.local.neville-neil.com (proxy7.corp.yahoo.com
	[216.145.48.98])
	by mrout1-b.corp.dcn.yahoo.com (8.13.8/8.13.8/y.out) with ESMTP id
	l38EQ2tX011005; Sun, 8 Apr 2007 07:26:03 -0700 (PDT)
Date: Sun, 08 Apr 2007 23:25:37 +0900
Message-ID: <m2y7l32ba6.wl%gnn@neville-neil.com>
From: gnn@FreeBSD.org
To: Jeremie Le Hen <jeremie@le-hen.org>
In-Reply-To: <20070407101600.GF11297@obiwan.tataz.chchile.org>
References: <m21wix61iy.wl%gnn@neville-neil.com> <46171DB2.6070705@FreeBSD.org>
	<20070407101600.GF11297@obiwan.tataz.chchile.org>
User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8
	(=?ISO-8859-4?Q?Shij=F2?=) APEL/10.7 Emacs/22.0.95
	(i386-apple-darwin8.8.2) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset=US-ASCII
Cc: "Bruce M. Simpson" <bms@FreeBSD.org>, net@FreeBSD.org
Subject: Re: A radical restructuring of IPsec...
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Apr 2007 14:36:29 -0000

At Sat, 7 Apr 2007 12:16:00 +0200,
Jeremie Le Hen wrote:
> 
> Hi, Bruce,
> 
> On Sat, Apr 07, 2007 at 05:27:30AM +0100, Bruce M. Simpson wrote:
> > I'm all for this in principle. I believe that the case for FAST_IPSEC 
> > over KAME IPSEC is fairly clear for those of us who have read the USENIX 
> > paper. Qualitatively speaking I can say FAST_IPSEC has been more 
> > pleasant to work with when introducing the TCP-MD5 support.
> 
> Would you point out the paper you're talking about please ?
> 
http://www.usenix.org/events/bsdcon03/tech/leffler_ipsec.html

You need a password (i.e. you need to be a USENIX member) to read it.

> George,
> 
> Thank you for your work!
> 

Thank me when it's done ;-)

> I'm a little sorrowful to see KAME's work going to be forgotten, but
> well, this is Darwin's law :-).
> 
> BTW, a couple of years ago, I've tried KAME's snapshot against my
> RELENG_4's tree.  There was a number of features that weren't in the
> base system and I'm pretty sure this is still the case.  I can't
> remember them all but one: NAT-PT (RFC2766) (IPv4<->IPv6
> translation).  Do you have any idea what those features will become
> in later days ?

I am working with another person who is interested in that and who has
patches, Yvan VANHULLEBUS, who also posts here.

Best,
George