On Mon, 25 Mar 2002, John S. Denker wrote:
> This point has been addressed by the freeswan project's
> leader and patron, John Gilmore; see
> http://www.freeswan.org/freeswan_trees/freeswan-1.95/doc/HowTo.html#policestate
> wherein he explicitly adopts the passive-only transit-only
> threat model...
No, read it more carefully. He says that the *current* software does
fairly well against that model, that active attacks are harder to stop,
that work *is being done* on them, but that full security against them
involves much more than just encryption etc.

At no point does he say that passive-transit attacks are the only ones we
care about.

They are, at present, the ones we address best... but that's because they
are the ones that are easiest to address with IPsec, not because we have
no interest in the others.
> It must be emphasized that the software you download
> from freeswan.org does !!not!! contain anything resembling
> an RFC-compliant SPD. It is up to you, dear user, to
> construct one, if you want an RFC-compliant IPsec implementation.
True. Note, however, that "RFC-compliant" is not necessarily a very
interesting adjective. A number of the things it involves do not really
contribute very much to security. Some are even detrimental, e.g. the
requirements for 1DES support and TOS copying. We do plan to move in the
direction of RFC compliance *where it's actually helpful*.
Henry Spencer
henry_at_spsystems.net
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users