[Openswan dev] IPSECPOLICY flag in Makefile.inc
Herbert Xu
herbert at gondor.apana.org.au
Sat Jul 3 08:53:18 CEST 2004
On Fri, Jul 02, 2004 at 04:44:31PM -0400, Michael Richardson wrote:
>
> (Please recall that I spent 4 years working with KAME before being
> hired onto the FreeS/WAN team. I worked on the NRL and Sun code that
> the RFCs that KAME was based upon were based upon.)
I apologise if I sounded hostile towards you. This was not intended.
> Actually, 26sec and racoon can not do what is proposed.
>
> You can say, "I want this secure", and you can say "I want to form a
> tunnel with FOO", but you can not specify what the identity of the
> remote system is supposed to be.
You mean the identity of the remote security gateway? No that can't
be specified beyond the IP address as it is.
> The sockopt interface is pretty limited.
Perhaps. But the current form can be easily extended since the interface
is based on arbitrary strings parsed by each interface module.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Dev
mailing list