tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: remote kernel debugging over a network

Thor Lancelot Simon wrote:
IPKDB used a custom MD5-based packet hash for "security".  I actually
think it would probably be very easy to support a single IPsec ESP
security association instead.  The hair with IPsec is all with key
negotiation.  Don't bother, and don't do some things like replay
protection, and ESP is a very simple, compact little shim layer on IP.
ESP requires a random-number generator with cryptographic quality. I'm not sure we can provide that in the limited environment of the kernel debugger.

Jordan Gordeev

Home | Main Index | Thread Index | Old Index