On Friday 2005-October-28 15:14, Oscar A. Valdez wrote:
> Incidentally, I think the folks at netfilter should pay more
> attention to the difficulties with ipsec and iron them out.
Ooooh, I think it's a sensitive point to say what unpaid volunteers
should or should not be doing. I am sure you didn't mean it to sound
rude or ungrateful, but it does. Perhaps your company will consider
funding development.
Or not. I fail to see the appeal of ipsec. Similar, arguably better,
transport security can be had with far less bother using openvpn.
(Better because of OpenSSL being the crypto implementation, and that
project likely gets more expert review than any Ipsec code.) NAT, and
even non-IP protocols, are no problem with openvpn.
--
mail to this address is discarded unless "/dev/rob0"
or "not-spam" is in Subject: header
