Subject: new ipsec policy engine
To: None <>
From: None <>
List: tech-net
Date: 06/12/2000 23:26:15
	I've committed latest KAME ipsec policy engine, as well as the
	latest racoon pkgsrc (pkgsrc/security/racoon).  I ran key exchange
	between KAME/NetBSD 1.4.2 node and netbsd-current node before commit,
	so it should work okay.  we may need more detailed tests.

	racoon pkgsrc has couple of known caveats, which should be addressed
	soon.  if you are curious, see pkgsrc/security/racoon/pkg/DESCR.

	I do not intend to chase KAME ipsec tree for kernel side (modulo
	serious bugs, of coursee).  I'll update racoon pkgsrc whenever

	please update libipsec and setkey(8) if you use latest kernel.

	please let me know if any of the ipsec-related PRs still persist,
	or they are fixed.