Poaching codepoints

I'm in the midst of building our own flavor of labelled IPsec for Trusted Extensions, and took a look at what the "competition" (specifically, SELinux) is doing.  I was surprised to notice that (at least if the ipsec-tools-0.7 source is to be believed) they've grabbed a codepoint assigned to RFC 3168 (Explicit Congestion Negotiation) rather than actually asking for one to be assigned via the normal IANA processes, or using the long-defined but rarely used capabilities of ikev1 to carry a sensitivity label. 

It looks like racoon2 gets this right (but doesn't have the SElinux security context support).

I can't be the first person to notice this, can I?

Comments:

Probably not, but its linux. Your standard is wrong, you should change to take into account that were are now using it - have a good day

Posted by kangcool on November 15, 2007 at 08:31 AM EST #

Assuming your observations are correct (and I don't doubt that they are), this wouldn't be the first time the Linux community has side-stepped standards. Hence their use of the same fdisk partition type that was assigned to Solaris for their swap partitions...

Posted by Rich Teer on November 16, 2007 at 02:24 AM EST #

Post a Comment:
Comments are closed for this entry.
About

sommerfeld

Search

Top Tags
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today