Wed, 15 Dec 2010

7:53 PM - OpenBSD IPSEC allegations

There has been some concern raised about the possibility of a backdoor in the IPSEC implementation of OpenBSD.  As OpenBSD's implementation was the basis of FreeBSD's IPSEC code and we use the same code,  I want to make others aware of this issue.

 I have not audited this code so I don't know if this is true, but I find it unlikely.  I will defer to others in the BSD community to audit the code in OpenBSD before taking any actions.  

I have never been approached about adding a backdoor into MidnightBSD. To the best of my knowledge, none exists.