[Openswan dev] IPSECPOLICY flag in Makefile.inc

Herbert Xu herbert at gondor.apana.org.au
Sat Jul 3 08:53:18 CEST 2004

On Fri, Jul 02, 2004 at 04:44:31PM -0400, Michael Richardson wrote:
>   (Please recall that I spent 4 years working with KAME before being
> hired onto the FreeS/WAN team.  I worked on the NRL and Sun code that
> the RFCs that KAME was based upon were based upon.)

I apologise if I sounded hostile towards you.  This was not intended.

>   Actually, 26sec and racoon can not do what is proposed.
>   You can say, "I want this secure", and you can say "I want to form a
> tunnel with FOO", but you can not specify what the identity of the
> remote system is supposed to be. 

You mean the identity of the remote security gateway? No that can't
be specified beyond the IP address as it is.

>   The sockopt interface is pretty limited.

Perhaps.  But the current form can be easily extended since the interface
is based on arbitrary strings parsed by each interface module.

Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

More information about the Dev mailing list