[nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC

Siraaj Khandkar siraaj at khandkar.net
Fri Dec 17 16:17:43 EST 2010


On 14 Dec 2010, at 22:11, Pete Wright wrote:

> On Tue, Dec 14, 2010 at 10:03:55PM -0500, Siraaj Khandkar wrote:
>> Anyone else noticed this? Any thoughts?
>> 
> 
> I was thinking about this since reading the mail, and at this point I
> really don't know what to think - aside from the fact that thank god the
> code is open and available for review.  Hopefully someone has the
> resources to go through the commit logs (like bob beck mentions in the
> followup to this post) during the time to do an audit of this code.
> 
> as far as the whole "US govt pushing openbsd and virtual ipsec devices"
> theory - I'm not really buying it (and probably being naive for doing so).
> 

My thoughts as well. I have faith in OpenBSD developers, but I'm
wondering what will be the publicity impact. May become more difficult
convincing bosses/clients to agree to use OpenBSD (or any *BSD)
gateways/servers...

I really hesitate to say it, but perhaps Perry's email should not have
been released so soon, not until some sort of audit took place. But what
do I know...

Also, will this spill-over to and prompt SELinux scrutiny as well...?


-- 
Siraaj Khandkar
http://twitter.com/IbnFirnas



More information about the talk mailing list