current-users: Re: IPSEC disabled by default

Subject: Re: IPSEC disabled by default - why?
To: Matthias Scheler <tron@zhadum.de>
From: None <itojun@iijlab.net>
List: current-users
Date: 06/18/2004 11:34:22

>In article <20040617164707.GA2534@boogers.sf.ca.us>,
>	Jeff Rizzo <riz@redcrowgroup.com> writes:
>> I was just curious what the reason is that IPSEC is disabled in pretty
>> much _all_ the kernel configs that ship with NetBSD,
>
>Because having IPSec (the KAME implementation, I don't know about fast IPSec)
>in the kernel slows down networking. That  happens if you don't use it at all.

	no, that is not the reason.  the reason is that there are ftp mirror
	servers where tribution of strong crypto software is prohibited.

itojun