On Wed, 2011-08-03 at 22:21 -0700, Casey Schaufler wrote: > Smack does not use IPsec on IPv4. Smack uses CIPSO. CIPSO is > implemented completely within the kernel. It has no user space > component. There is no CIPSO equivalent for IPv6 due to the > expectation that all IPv6 implementations will use IPsec and > IPsec will address all security issues known to man and then > some.
Oh, one other point... "due to the expectation that all IPv6 implementations will use IPsec and IPsec will address all security issues known to man and then some." Who's assumption? Certainly not that of the IETF. Sounds like some non-sense promulgated by some anti-IPv6 camps and sounds somewhat denigrating and disparaging. It's demonstrably false. We still have MD5 signatures on tcp packets used by BGP on IPv6 (I'm also a contributor to quagga in that very area) even though it was originally "expected" that AH would replace MD5 signatures for BGP authentication. That expectation went bye-bye many years ago. We still have Kerberos. I don't see anyone going back to telnet instead of ssh over IPv6. We still have SSL over IPv6. The very statement is facetious on its face and can't possibly be taken seriously. If SMACK does not support IPv6 then SMACK is broken. Fix it. IPv6 is a reality. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ BlackBerry® DevCon Americas, Oct. 18-20, San Francisco, CA The must-attend event for mobile developers. Connect with experts. Get tools for creating Super Apps. See the latest technologies. Sessions, hands-on labs, demos & much more. Register early & save! http://p.sf.net/sfu/rim-blackberry-1
_______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
