[911] in linux-net channel archive
Re: IPSEC for Linux
daemon@ATHENA.MIT.EDU (Alan Cox)
Wed Aug 16 11:06:39 1995
From: iialan@iifeak.swan.ac.uk (Alan Cox)
To: eichin@mit.edu (Mark W. Eichin)
Date: Tue, 15 Aug 1995 19:04:34 +0100 (BST)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <9508150336.AA00408@perdiem.cygnus.com> from "Mark W. Eichin" at Aug 14, 95 08:36:23 pm
> I'm also interested in working on/testing/collaborating on a linux
> IPsec, but given that the base spec requires DES, I was hoping not to
> compete (compete for the resources of other developers that is :-)
> against non-US implementations (which would have the advantage of wide
> distribution and no export hassles...)
DES isnt an issue. Dont include the DES support in the IPsec code. Make
it use a clean module interface to transforms [Ted Tso hammered much of
this out nicely in Germany last year].
I think we have more DES implementations in Europe than in the US. I
also like the idea of the config saying something like
Are you in france or russia (CONFIG_SEC_ILLEGAL) Y
*
* Skipping security options
*
Are you in the USA (CONFIG_LUNATIC_PATENTS) Y
*
* Skipping compression options
*
Alan
