[Info-vax] The continued ham-stringing of IPsec/VMS - Cui Bono? - TUDs - Bobby Ewing

Thu Oct 29 06:07:08 EDT 2009

Hi Richard,

"Richard B. Gilbert" <rgilbert88 at comcast.net> wrote in message
news:x9udnaQI1Ne0cXXXnZ2dnUVZ_jmdnZ2d at giganews.com...
> Arne Vajhøj wrote:
> > Richard B. Gilbert wrote:
> >> Arne Vajhøj wrote:
> >>> Richard B. Gilbert wrote:
> >>>> Bob Koehler wrote:
> >>>>> In article <hc05rh$c4f$1 at news-01.bur.connect.com.au>, "Richard
> >>>>> Maher" <maher_rj at hotspamnotmail.com> writes:
> >>>>>> So while it's great to see IPsec doing a Bobby Ewing and getting
> >>>>>> to live
> >>>>>> another day, I just cannot understand how it could possibly take
> >>>>>> another 12
> >>>>>> months to certify code that is already there, and will already
> >>>>>> have shipped
> >>>>>> in H1 2010 with TCP/IP 5.7.
> >>>>>>
> >>>>>> Can someone please explain to me what obstacles are preventing
> >>>>>> IPsec from
> >>>>>> being supported in H1 2010 with VMS 8.4?
> >>>>>
> >>>>>    I don't work for HP, but testing and certification of reliable
code
> >>>>>    across a great many hardware platforms takes time.  I would not
> >>>>> like
> >>>>>    to see VMS Engineering start cutting corners on testing.
> >>>>
> >>>> Which "great many" hardware platforms are we talking about?  I count
> >>>> three: VAX, Alpha, and Itanic.  And I'd be willing to dispense with
> >>>> Itanic!  If you have to test with every processor speed, every
> >>>> memory size, every combination of I/O devices. . . .
> >>>
> >>> 3 architectures
> >>> different NIC's
> >>
> >> Isn't the NIC the responsibility of the driver?  It simply sends what
> >> it's told to send and listens for traffic addressed to it.  Wouldn't
> >> IPSEC encryption be done before the NIC and the driver got involved?
> >>
> >>> different number of NIC's
> >>> single CPU and multi CPU systems
> >>
> >> Such systems have existed for many years.  Traffic on multiple
> >> hardware links can be encrypted nearly as easily as on a single link.
> >> A slow CPU and multiple encrypted links could be painful . . . .
> >
> > IPSEC is done at a low level compared to various other
> > encryptions.
> >
> > I would expect VMS engineering to test this stuff on a wide variety of
> > configurations otherwise something will break.
> >
> > Arne
>
> I would expect HP management to rule that supporting IPSEC is too damned
> expensive.  If you could write it once and test it once, great!  It
> seems that's not possible.  First thing to be "not supported" would be
> IPSEC on the VAX platform.  Alpha would be right behind.  Lack of
> interest among Itanic users. . . .   Just forget the whole thing!

I believe the iPhone has an App that let's one locate other lonely men in
one's vacinity. I, and my threads, on the other hand would prefer not to
have anything more to do with you. Please go away.

Regards Richard Maher