Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src
On Apr 27, 2:06am, itojun%itojun.org@localhost (Jun-ichiro itojun Hagino)
wrote:
-- Subject: Re: CVS commit: src
| > No, it is still useful because some routers will not accept non-md5
sessions.
| > So to interoperate properly the minimum we have to do is send m5 packets and
| > accept m5 packets.
|
| i agree with perry. if NetBSD side does not check signature
| (in fact, it does not check *the existence* of signature either)
| malicious party can throw bogus packets to NetBSD side, and tear down
| connection (or whatever).
But without it you cannot talk to the routers that only do MD5 in
the first place. What you say, is that you'd rather have no
interoperability with such routers, as opposed to interoperability
that is subject to a denial of service attack. No matter what, the
code is a step in the right direction.
christos
Home |
Main Index |
Thread Index |
Old Index