Subject: Re: widespread IKE bugs
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Michael Richardson <mcr@marajade.sandelman.ca>
List: tech-security
Date: 11/18/2005 12:29:08

>>>>> "Steven" == Steven M Bellovin <smb@cs.columbia.edu> writes:
    Steven> many different implementations of IKE.  OpenSWAN is one of
    Steven> the affected code bases.  Does anyone know if NetBSD or KAME

  To be clear: provided that you knew a PSK, and the receiver had enabled
aggressive mode, you were able to cause an assertion failure.

  We were contacted by NISCC about this in advance, but the NDA-like
document that they wanted us to sign meant that we basically couldn't
have committed any fixes to our public tree, and they could extend the
blackout date essentially forever without consultation.
  i.e. unworkable to us.

-- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr@xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [