New Zealand ADSL Mailing List


Re: IPSec, Nokia MP10.

From: Dan Langille <dan_at_freebsddiary.org>
Date: Mon, 6 Mar 2000 00:50:57 +1300
Message-Id: <200003051904.IAA78497@ducky.nz.freebsd.org>

On 6 Mar 00, at 0:14, Andrew Garrett wrote:

> The summary from my archives tells me that a) It's not doable. b) it might
> be doable, with a firmware upgrade.

I want that firmware upgrade.

> c) telecom have a solution of their
> own, possibly, coming soon.

Mention has been made that a Telecom solution is unsuitable for two
reasons:

1 - you have to trust their solution (this isn't a comment on Telecom, it's
a comment on trusting someone else for your encryption/security/etc.
As opposed to trusting source code you can view and compile first).

2 - presumably if you're getting someone else's solution you have to pay
extra for it.

I have IPSec sitting here ready to talk to someone. The source code
used to do this is freely available and I trust it. It costs me nothing but
my time to implement it. It's a solution which can be cheaply and
efficiently used. If only my M10 would open up it's widdle self.

I and many others on this list are perfectly willing and able to face the
big bad world. I say the M10 needs to be configurable such that all and
any protocols are passed through. Let our firewalls deal with it. That's
what we have them for.

I fully agree that the M10s must be delivered in a certain "locked-down"
state to cater for the users who cannot or do not use a firewall. But for
the rest of us, we know the implications of opening ourselves up and,
damn it [hand slaps desk for effect], we want it! <grin>

What problems need to be overcome before the above suggestions can
be achieved? What can we do to expedite the solutions?

> And, I'd like to thank everyone, for the outpourings of sympathy which I
> can feel, from you all, even before I push send.

OK, at 9:03 monday morning, everyone send Andrew a group sigh (but
dont cc the list, thanks). 

--
Dan Langille - DVL Software Limited [I'm looking for more work]
http://www.dvl-software.com/ |  http://www.unixathome.org/
http://www.racingsystem.com/ |  http://www.freebsddiary.org/
To unsubscribe: send mail to majordomo@freebsddiary.cx
with "unsubscribe adsl" in the body of the message
Received on Mon Mar 6 08:04:49 2000

This archive was generated by hypermail 2.2.0 : Thu Nov 30 11:48:03 2006 EST