[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)

To: Niels Provos <provos@citi.umich.edu>,Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
Subject: Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
From: Kjell Wooding <kwooding@codetalker.com>
Date: Tue, 09 Mar 1999 13:49:08 -0700
Cc: tech@openbsd.org, angelos@openbsd.org
References: <Markus Friedl, Tue, 02 Mar 1999 13:46:23 +0100>

>You forgot to specify the IV for the transforms. PF_ENCAP was
>able to do IV-less mode by deriving an IV from the packet headers.
>We dont do that any more with PFKEYv2.
>So just modify your scripts to include a -iv line:

hm? Doesn't specifying an -iv option now give you a "option is depreciated" warning? Your comment seems to indicate the opposite.

-kj

Follow-Ups:
- Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
  - From: "Angelos D. Keromytis" <angelos@dsl.cis.upenn.edu>

References:
- Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
  - From: Niels Provos <provos@citi.umich.edu>

Prev by Date: Walloping Mistake
Next by Date: Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
Prev by thread: Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
Next by thread: Re: ipsec questions/bugs/fixes (PF_KEY/PF_ENCAP)
Index(es):
- Date
- Thread