[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: IPsec and RTP crypto



On Wed, 4 Apr 2001, Michael Thomas wrote:
>    I seem to recall Bill Sommerfeld making similar
>    remarks as Jeff about Sun's stack and I think
>    I remember that Freeswan doesn't have the ability
>    to filter off of ports yet...

Correct on the FreeS/WAN part (can't answer for Sun!).  This is being
fixed, although as Sandy commented, we belong to the faction which says
that you are usually better off just encrypting *everything* -- if only
because it denies useful information to the bad guys -- unless there are
truly compelling reasons not to. 

                                                          Henry Spencer
                                                       henry@spsystems.net



Follow-Ups: References: