Date: Fri, 13 Aug 2004 19:39:23 +0200 From: Vincent Jardin <vjardin@free.fr> To: Bruce M Simpson <bms@spc.org>, Nathan K <doesnotcount@hotmail.com> Cc: freebsd-net@FreeBSD.org Subject: Re: [Xorp-users] MD5 Support Message-ID: <200408131939.30875.vjardin@free.fr> In-Reply-To: <20040812040745.GA781@empiric.icir.org> References: <BAY19-F146mTBb5VYUd0002573c@hotmail.com> <20040812040745.GA781@empiric.icir.org>
next in thread | previous in thread | raw e-mail | index | archive | help
=2D----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Future Directions for XORP > -------------------------- > > As PF_KEY is somewhat standardized (RFC 2367 Informational) and well > documented (UNIX Network Programming Vol1 2e Fenner et al) this is a > portable way of achieving this across the BSDs. Linux (FreeS/WAN et > cetera) may be another story. =46YI, Linux does support PF_KEY too. > > Future Directions for TCP-MD5 > ----------------------------- > > This would however require that applications such as Quagga and XORP speak > fluent PF_KEY in the BSD dialect. I think that the routing protocols will have to speak fluently PF_KEY becau= se=20 even for OSPFv2/MD5 or RIP/MD5 the keys could be provided by a "key daemon"= =2E=20 This concept is already described by the RFC 2367, section 1.2 and section= =20 5.3 (OSPF Securrity Example). Regards, Vincent =2D----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQFBHPzRj1uHAMmANdgRAprWAKDtG8oLQUa7SevIgqVNyjZpzsguoACfZMUy LsKFJkGeWhH+lhXNZw7ShA4=3D =3DLvtl =2D----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200408131939.30875.vjardin>