[Openswan Users] openbsd ipsec backdoor rumors

Paul Wouters paul at xelerance.com
Tue Dec 14 18:49:46 EST 2010


FYI.

As a side note, I do think the freeswan IPsec stack pre-dated the
openbsd one, I would have to closely verify release dates.


http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

List:       openbsd-tech
Subject:    Allegations regarding OpenBSD IPSEC
From:       Theo de Raadt <deraadt () cvs ! openbsd ! org>
Date:       2010-12-14 22:24:39
Message-ID: 201012142224.oBEMOdWM031222 () cvs ! openbsd ! org
[Download message RAW]

I have received a mail regarding the early development of the OpenBSD
IPSEC stack.  It is alleged that some ex-developers (and the company
they worked for) accepted US government money to put backdoors into
our network stack, in particular the IPSEC stack.  Around 2000-2001.

Since we had the first IPSEC stack available for free, large parts of
the code are now found in many other projects/products.  Over 10
years, the IPSEC code has gone through many changes and fixes, so it
is unclear what the true impact of these allegations are.

[...]


More information about the Users mailing list