Mail Archive Search: <+subject:/^(?:^\s*(re|sv|fwd|fw)[\[\]\d]*[:>-]+\s*)*TCP\s+MD5\s+signature\s+option\s+$RFC2385$\s*$/>

Results:

References: [ +subject:/^(?:^\s*(re|sv|fwd|fw)[\[\]\d]*[:>-]+\s*)*TCP\s+MD5\s+signature\s+option\s+$RFC2385$\s*$/: 14 ]

Total 14 documents matching your query.

1. TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: 25 Jan 2002 20:44:48 -0500; I noticed that Linux stack doesn't currently support for RFC2385 (MD5 signatures for TCP packets). This could be useful for the zebra project for authenticating BGP connections with other implementat; /archives/netdev/2002-01/msg00110.html (7,543 bytes)
2. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: Fri, 25 Jan 2002 21:39:43 -0500; Can you use IPsec authentication? See www.freeswan.org for the Linux implementation. I don't know how useful these are, but some things to consider: The /dev/random driver includes MD5 and some code; /archives/netdev/2002-01/msg00111.html (8,073 bytes)
3. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: 25 Jan 2002 21:52:10 -0500; This is a bit different -- the RFC describes an option that would be added to the tcp options procesing while freeswan provides AH which is between the IP and TCP headers. Yeah, I noticed that driver; /archives/netdev/2002-01/msg00112.html (8,666 bytes)
4. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: Sat, 26 Jan 2002 04:52:40 +0100; TCP is not very well fitted to add a new 'go over all data in packet' pass. It is heavily optimized for copy-csum-and-forget in one go. You could add a new pass for MD5, but it would not be nice. As; /archives/netdev/2002-01/msg00113.html (8,604 bytes)
5. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: Sat, 26 Jan 2002 04:17:36 +0000; Odd, NetBSD and OpenBSD provide TCP_SIGNATURE as a kernel config option. I suspect that FreeBSD, BSDI, and BSD/OS do as well. I've already asked Frank offline if what he is trying to do actually requ; /archives/netdev/2002-01/msg00114.html (9,792 bytes)
6. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: Sat, 26 Jan 2002 08:23:41 -0500 (EST); Andi, This is a TCP option; so should fit well in the slow path. Of course it brings a whole new meaning to DoS;-> IIRC, not all packets within a flow will have this option turned on; cheers, jamal; /archives/netdev/2002-01/msg00115.html (8,806 bytes)
7. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: xxxx>; Date: 26 Jan 2002 15:25:02 -0500; True -- as you say, it is rather obscure. When it is used, it's generally expected that the connection will be slower. Once the BGP table feed has completed, though, a stable connection won't send m; /archives/netdev/2002-01/msg00116.html (10,044 bytes)
8. TCP MD5 signature option (RFC2385) (score: 1): Author: Frank Solensky <solenskyf@xxxxxxx>; Date: 25 Jan 2002 20:44:48 -0500; I noticed that Linux stack doesn't currently support for RFC2385 (MD5 signatures for TCP packets). This could be useful for the zebra project for authenticating BGP connections with other implementat; /archives/netdev/2002-01/msg00244.html (7,543 bytes)
9. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: Sandy Harris <sandy@xxxxxxxx>; Date: Fri, 25 Jan 2002 21:39:43 -0500; Can you use IPsec authentication? See www.freeswan.org for the Linux implementation. I don't know how useful these are, but some things to consider: The /dev/random driver includes MD5 and some code; /archives/netdev/2002-01/msg00245.html (8,105 bytes)
10. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: Frank Solensky <solenskyf@xxxxxxx>; Date: 25 Jan 2002 21:52:10 -0500; This is a bit different -- the RFC describes an option that would be added to the tcp options procesing while freeswan provides AH which is between the IP and TCP headers. Yeah, I noticed that driver; /archives/netdev/2002-01/msg00246.html (8,748 bytes)
11. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: Andi Kleen <ak@xxxxxxx>; Date: Sat, 26 Jan 2002 04:52:40 +0100; TCP is not very well fitted to add a new 'go over all data in packet' pass. It is heavily optimized for copy-csum-and-forget in one go. You could add a new pass for MD5, but it would not be nice. As; /archives/netdev/2002-01/msg00247.html (8,668 bytes)
12. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: Chris Dukes <pakrat@xxxxxxxxxxxxxxxx>; Date: Sat, 26 Jan 2002 04:17:36 +0000; Odd, NetBSD and OpenBSD provide TCP_SIGNATURE as a kernel config option. I suspect that FreeBSD, BSDI, and BSD/OS do as well. I've already asked Frank offline if what he is trying to do actually requ; /archives/netdev/2002-01/msg00248.html (9,920 bytes)
13. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: jamal <hadi@xxxxxxxxxx>; Date: Sat, 26 Jan 2002 08:23:41 -0500 (EST); Andi, This is a TCP option; so should fit well in the slow path. Of course it brings a whole new meaning to DoS;-> IIRC, not all packets within a flow will have this option turned on; cheers, jamal; /archives/netdev/2002-01/msg00249.html (8,835 bytes)
14. Re: TCP MD5 signature option (RFC2385) (score: 1): Author: Frank Solensky <solenskyf@xxxxxxx>; Date: 26 Jan 2002 15:25:02 -0500; True -- as you say, it is rather obscure. When it is used, it's generally expected that the connection will be slower. Once the BGP table feed has completed, though, a stable connection won't send m; /archives/netdev/2002-01/msg00250.html (10,138 bytes)

Current List: 1 - 14
Page: [1]