| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 May 2009 10:07:25 -0400 From: Dan McDonald <danmcd@....com> To: Adrian-Ken R?egsegger <rueegsegger@...ss-it.ch> Cc: netdev@...r.kernel.org Subject: Re: [danmcd@....com: [Ipsec-tools-devel] SHA-2 and RFC 4868] On Tue, May 12, 2009 at 10:16:27AM +0200, Adrian-Ken R?egsegger wrote: <mucho snippage deleted!> > > Is this just me, or is there an unfixed kernel problem in other platforms' > > AH/ESP code? > > This issues was discussed (but not resolved) a bit less than a year ago: > > http://lkml.org/lkml/2008/6/5/141 Thanks for the thread pointer. I would like it if you guys updated to RFC 4868, but I'm obviously in no position to have any influence. If you wanna test it, though, OpenSolaris has 4868 support, and if you need help for interoperability testing, just ask. BTW, it *is* possible to have user-space supply such parameters. Have a look at the ipsecalgs(1M) man page for an example: http://docs.sun.com/app/docs/doc/816-5166/ipsecalgs-1m?l=en&a=view&q=ipsecalgs In fact, we've done backward compatibility tests with MacOS X by adjusting the truncation size with ipsecalgs(1M). ISTR it worked with SHA-256. Dan -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists