[Info-vax] The continued ham-stringing of IPsec/VMS - Cui Bono? - TUDs - Bobby Ewing
Richard B. Gilbert
rgilbert88 at comcast.net
Wed Oct 28 08:36:46 EDT 2009
Arne Vajhøj wrote:
> Richard B. Gilbert wrote:
>> Bob Koehler wrote:
>>> In article <hc05rh$c4f$1 at news-01.bur.connect.com.au>, "Richard Maher"
>>> <maher_rj at hotspamnotmail.com> writes:
>>>> So while it's great to see IPsec doing a Bobby Ewing and getting to
>>>> live
>>>> another day, I just cannot understand how it could possibly take
>>>> another 12
>>>> months to certify code that is already there, and will already have
>>>> shipped
>>>> in H1 2010 with TCP/IP 5.7.
>>>>
>>>> Can someone please explain to me what obstacles are preventing IPsec
>>>> from
>>>> being supported in H1 2010 with VMS 8.4?
>>>
>>> I don't work for HP, but testing and certification of reliable code
>>> across a great many hardware platforms takes time. I would not like
>>> to see VMS Engineering start cutting corners on testing.
>>
>> Which "great many" hardware platforms are we talking about? I count
>> three: VAX, Alpha, and Itanic. And I'd be willing to dispense with
>> Itanic! If you have to test with every processor speed, every memory
>> size, every combination of I/O devices. . . .
>
> 3 architectures
> different NIC's
Isn't the NIC the responsibility of the driver? It simply sends what
it's told to send and listens for traffic addressed to it. Wouldn't
IPSEC encryption be done before the NIC and the driver got involved?
> different number of NIC's
> single CPU and multi CPU systems
Such systems have existed for many years. Traffic on multiple hardware
links can be encrypted nearly as easily as on a single link. A slow CPU
and multiple encrypted links could be painful . . . .
More information about the Info-vax
mailing list