Subject: Re: hardware crypto (fwd)
To: Bill Sommerfeld <>
From: None <>
List: tech-security
Date: 04/13/2000 00:31:14
  by with SMTP; 12 Apr 2000 15:32:11 -0000
	by (8.9.3+3.2W/3.7W) with ESMTP id AAA07496;
	Thu, 13 Apr 2000 00:31:14 +0900 (JST)
To: Bill Sommerfeld <>
In-reply-to: sommerfeld's message of Tue, 11 Apr 2000 16:43:40 -0400.
Subject: Re: hardware crypto (fwd) 
Date: Thu, 13 Apr 2000 00:31:14 +0900
Message-ID: <>

>Angelos Keromytis did at least some of the hardware crypto support
>work for OpenBSD -- last IETF meeting he encouraged us to at least
>look at it and possibly also pick it up.  I don't have cycles at this
>very moment to look at it, but ...

	I'll definitely need to look at openbsd.  after quick browse,
	there's one major difference in kame-ipsec and openbsd-ipsec code
	orientation.  in openbsd-ipsec a packet will visit ip_input or
	ip_output more than once.  kame-ipsec tries to avoid it.
	this makes some difference in creating ipsec processing queue.