On 30/08/2018 17:39, Philipp Buehler wrote:
> I was not following development too closely, but I think that on the
> kernel side
> things have not changed. Which means iked and isakmpd will happily
> "toe tap"
> on each others SADB in the kernel (even if there is *some* PID handling).
>
> Would like to hear if kernel side has "improved" lately, but the
> overall standpoint
> looks like: IKEv1 is dead (e.g. see the removal of IKEv1 stubs in iked
> some "months ago").
Why would IKEv1 be dead if the stubs were removed from iked? There is
still isakmpd and that works pretty well.
Also I see many companies that still use IKEv1 and it would be
unpleasant if there was no way to connect to them with OpenBSD.
Daniel
No comments:
Post a Comment