Subject: Re: IPSEC and user vs machine authentication
To: Jason Thorpe <firstname.lastname@example.org>
From: Michael Richardson <email@example.com>
Date: 08/15/2005 12:53:27
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Jason" == Jason Thorpe <firstname.lastname@example.org> writes:
>> So, this was work that Bill Sommerfeld and I were trying to
>> standardize as a piece of work that many call "PF_POLICY" (but we
>> didn't want to actually make the API a socket-based one, leaving
>> that for the implementor to worry about).
Jason> Has that effort died? I attended a few informal discussions
Jason> about this topic when it was first being discussed, but was
Jason> not able to stay involved and have not heard much about it
Jason> since, until you mentioned it now.
I'm still working on it, but I can't write a "standard" in isolation.
I wrote code for Openswan to prototype the first part [query] (and we even
demonstrated it at a BlackHat conference).
I'm still interesting in continuing on this.
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/ www.xelerance.com/training/ |device driver[
] I'm a dad: http://www.sandelman.ca/lrmr/ [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
-----END PGP SIGNATURE-----