Subject: IPsec blowfish interop
To: None <tech-net@netbsd.org>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-net
Date: 09/18/2000 11:02:14
As I mentioned before, at this moment IPsec blowfish support is rather
unstable.
- 1.5 branch has old IPsec ESP engine, and netbsd-current has new IPsec
ESP engine
- they emit different ciphertext against the same plaintext, with
blowfish only (other algorithm has no change)
- i'm convinced the new code is right, but there are other people
who tells me the opposite
so for now, please refrain from using blowfish in mission-critical
application. I hope to sort it out very soon, and repair either 1.5
or netbsd-current as soon as possible.
itojun