On Tue, 2 Mar 2004, Justin wrote:
From: Claudia Schmeing <claudia@coldstream.ca> Subject: [Users] Announce: FreeS/WAN Project Ending
Dear FreeS/WAN community,
After more than five years of active development, the FreeS/WAN project will be coming to an end.
Is anyone disappointed?
Yes.
Is anyone surprised?
Mildly.
FreeS/WAN garroted itself by refusing to take code contributions from people inside the U.S., out of fear that the BXA would retroactively change export policy and render those contributions poisonous.
Is there anybody with enough organizational/leadership skills to take over the project, preferably located further away of the US influence than Canada is? Export policies are relevant only when enforceable.
FreeS/WAN made no serious attempt to integrate with the linux kernel's routing infrastructure, no doubt due in part to the first issue above.
That could be relieved, given developers and skilled leadership.
FreeS/WAN configuration was, and probably still is, not very intuitive; diagnostics were and probably are similarly poor.
Again, this can be relieved, given the developers.
Corporations, the major users of VPNs, usually use dedicated vpn boxes with support from a commercial VPN provider. If any such providers base their VPN products on FreeS/WAN, it's probably heavily modified.
I maintain a small conglomerate of private and corporate networks. We use FreeS/WAN quite extensively, with great success - in last 2 years we had no drop-out caused by the crypto infrastructure fault. No attempt for opportunistic crypto on the IP level, though, at least not yet. It was a good project. Hope somebody picks up the torch and keeps it burning, possibly even brighter.