| To: | Pekka Savola <pekkas@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH] IPsec: add support for Twofish and Serpent |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Thu, 14 Aug 2003 19:12:59 -0700 |
| Cc: | pp@xxxxxxxxx, kyle@xxxxxxxxxx, jmorris@xxxxxxxxxxxxxxxx, netdev@xxxxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.44.0308142324310.29579-100000@xxxxxxxxxx> |
| References: | <20030814180857.GA4205@xxxxxxxxx> <Pine.LNX.4.44.0308142324310.29579-100000@xxxxxxxxxx> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Thu, 14 Aug 2003 23:25:11 +0300 (EEST) Pekka Savola <pekkas@xxxxxxxxxx> wrote: > Very much agree. I totally disagree, choice is everything. That's why we allow NULL crypto algorithms. Not doing so turns this into a political thing, which I decidedly do not want our IPSEC implementation to be all about. And therefore I will add the patch. > Also, I could be missing something, but I think it takes much more to add > an encryption algorithm than what the patch does?!?! If you use the netlink based IPSEC implementation, any crypto algorithm is supported fully the moment it is added to crypto/. When using pfkeyv2 sockets, yes you have to assign a number and then the APP has to be aware of it. This just shows how bogus it is to use fixed numbers instead of strings to select crypto algorithms. |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [PATCH,RFC] explicit connection confirmation, Lennert Buytenhek |
|---|---|
| Next by Date: | Re: [PATCH] ibmtr - get rid of MOD_INC/DEC, David S. Miller |
| Previous by Thread: | Re: [PATCH] IPsec: add support for Twofish and Serpent, Pekka Savola |
| Next by Thread: | Re: [PATCH] IPsec: add support for Twofish and Serpent, Kyle McMartin |
| Indexes: | [Date] [Thread] [Top] [All Lists] |