Thomas Shaddack (2004-03-02 02:49Z) wrote:
Is there anybody with enough organizational/leadership skills to take over the project, preferably located further away of the US influence than Canada is? Export policies are relevant only when enforceable.
Corporations, the major users of VPNs, usually use dedicated vpn boxes with support from a commercial VPN provider. If any such providers base their VPN products on FreeS/WAN, it's probably heavily modified.
I maintain a small conglomerate of private and corporate networks. We use FreeS/WAN quite extensively, with great success - in last 2 years we had no drop-out caused by the crypto infrastructure fault. No attempt for opportunistic crypto on the IP level, though, at least not yet.
It was a good project. Hope somebody picks up the torch and keeps it burning, possibly even brighter.
1.9 was forked and is part of USAGI's IPv6 project, which was (mostly) integrated into the 2.6 kernel. I think at this point, small portions of 1.9->2.06 diff may be integrated, but the rest, and FreeS/WAN in general, is dead as a project distinct from the kernel. The USAGI version uses cryptoapi which is much more intelligent than using gmp. I haven't looked, but I think the USAGI/2.6 implementations are much better integrated with the linux routing infrastructure. DaveM and Alexey were griping about the miserable state of FreeS/WAN in that department back when ipsec in 2.6 was being discussed. In particular, OE may not be part of 2.6 yet (I haven't used 2.6 ipsec or USAGI ipsec, so I don't know), but that's the only major thing from FreeS/WAN 2.0 I can see being integrated. And sure, you use FreeS/WAN, and a company I used to work for used it too. There are employees of many other companies who post to the FreeS/WAN lists. But that's hardly representative of the majority of companies. -- That woman deserves her revenge, and... we deserve to die. -Budd, Kill Bill