>This is great news -- one of the big hangups in our interop testing at NAI
>Labs was the like of IKE on FreeBSD. I notice that right now racoon is a
>port -- assuming this interpretation is correct, are their any plans to
>integrate racoon as a base system component? As you point out, without
>IKE, FreeBSD's IPsec implementation is effectively useless for
>cross-platform communication due to the number of frobs in SA
>configuration. I also look forward to the rapid MFC'ing, assuming that
>the code works :-).
this is because we expect to have so many many changes/improvements
in racoon - once we put racoon into base tree, we need to be much
more careful about backward-compatibility in config file, for
example. also, we need to improve kernel policy management for
socket-based policy, and process-to-process policy inheritance.
itojun
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
