lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Wed, 12 Dec 2007 09:52:54 +0800
From:	Herbert Xu <>
To:	Tyler Hicks <>
Subject: Re: [IPSEC] RFC 4301 PFP Support

On Tue, Dec 11, 2007 at 01:34:45PM -0800, Tyler Hicks wrote:
> Should we just use the larval selectors or should we assume that
> openswan will begin to send valid selectors?  I asked for the openswan
> dev's opinions and they referred me to Herbert Xu.  It seems as though
> the correct solution would be for openswan to pass valid selectors in
> UPDSA messages, even if it is the larval selectors we gave them.

Yes we should patch openswan to generate the correct SA selectors.

With the previous standard SA selectors were redundant due to the
presence of policy selectors.  But with RFC 4301 the KM should
start setting them.

Visit Openswan at
Email: Herbert Xu ~{PmV>HI~} <>
Home Page:
PGP Key:
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists