Re: crypto (was Re: Congrats Marcelo,)

Rik van Riel (riel@conectiva.com.br)
Wed, 27 Feb 2002 18:57:24 -0300 (BRT)

On Wed, 27 Feb 2002, Michael H. Warfield wrote:
> On Tue, Feb 26, 2002 at 07:33:50PM -0300, Rik van Riel wrote:
> > On Tue, 26 Feb 2002, Jeff Garzik wrote:
>
> > > IMO it's time to get a good IPsec implementation in the kernel...
>
> > Where would we get one of those ?
>
> > The freeswan folks seem quite determined to not let any
> > americans touch their code, so inclusion of their stuff
> > into the kernel is out.
>
> No... That's patently not true.
>
> They won't accept contributions from us, but we touch
> their code all the time. If we didn't, how would we get any testing
> done, which they do accept from us.

> They won't accept contributions from US developers to their code
> base. That does NOT mean that they will not accept contributing the IPSec
> kernel code to the kernel and the incorporation of klips into the kernel
> source tree.

Wouldn't that result in the following scenario:

1) freeswan gets merged into the kernel

2) davem fixes a networking thing which
happens to touch freeswan

3) the freeswan developers don't take davem's
fix into their tree

4) the next patch by the freeswan people doesn't
apply to what's in the kernel

Somehow this scenario doesn't seem like it would make
the ipsec implementation very maintainable.

Maybe it would be better to use what the usagi people
are building, just to have an easier maintainable system?

regards,

Rik

-- 
"Linux holds advantages over the single-vendor commercial OS"
    -- Microsoft's "Competing with Linux" document


http://www.surriel.com/		http://distro.conectiva.com/


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/