Just a note that, as discussion on nanog shows, it's very important to only do the md5 check if the incoming packet is going to be accepted and processed, rather than the intuitive order of checking the sig first. That's because checking first allows an easy DoS, since checking is cpu-intensive. Barney
-- Barney Wolff http://www.databus.com/bwresume.pdf I'm available by contract or FT, in the NYC metro area or via the 'Net. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
