| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20090706.185411.136676235.davem@davemloft.net> Date: Mon, 06 Jul 2009 18:54:11 -0700 (PDT) From: David Miller <davem@...emloft.net> To: herbert@...dor.apana.org.au Cc: christophe@...ut.de, netdev@...r.kernel.org Subject: Re: [RFC] Fixing up TCP/UDP checksum for UDP encap. ESP4 packets in transport mode From: Herbert Xu <herbert@...dor.apana.org.au> Date: Tue, 7 Jul 2009 09:40:08 +0800 > Hmm I deliberately didn't want to have this as the default because > I want whoever that enables it to think about the implications. > Having it on by default means that people will just set this up > without realising that they're leaving the packet unprotected by > checksums for a fraction of the path. > > As I explained, it's almost impossible to use this without leaving > the packet unprotected at least in one direction. > > Having said that I'm fine with turning this into a sysctl or some > global setting that's easier to enable. Hmmm, aren't we talking about packets which were protected by either a hash, strong encryption, or both at some point? -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists