Thursday November 15, 2007 Bill Sommerfeld's Weblog
Still Under Construction. Watch for falling objects
Thursday November 15, 2007 I'm in the midst of building our own flavor of labelled IPsec for Trusted Extensions, and took a look at what the "competition" (specifically, SELinux) is doing. I was surprised to notice that (at least if the ipsec-tools-0.7 source is to be believed) they've grabbed a codepoint assigned to RFC 3168 (Explicit Congestion Negotiation) rather than actually asking for one to be assigned via the normal IANA processes, or using the long-defined but rarely used capabilities of ikev1 to carry a sensitivity label.
It looks like racoon2 gets this right (but doesn't have the SElinux security context support).
I can't be the first person to notice this, can I?
Calendar
| « November 2007 » | ||||||
| Sun | Mon | Tue | Wed | Thu | Fri | Sat |
|---|---|---|---|---|---|---|
3 | ||||||
4 | 5 | 8 | 9 | 10 | ||
11 | 12 | 13 | 14 | 16 | 17 | |
18 | 19 | 20 | 21 | 22 | 23 | 24 |
25 | 27 | 29 | 30 | |||
| Today | ||||||
RSS Feeds
All
/General
/IETF
/IPsec
/Music
/OpenSolaris
/Solaris
Search
Links
- Team IPsec
- Bill Sommerfeld
- Dan McDonald