Take a Closer Look at OpenBSD 4.3
Aug 19, 2008, 00:32 (0 Talkback[s])
(Other stories by John Fronckowiak)
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
[ Thanks to BlueVoodoo for this link.
"Because the OpenBSD project is based in Canada, no
United States export restrictions on cryptography apply, allowing
the distribution to make full use of modern algorithms for
encryption. Encryption can be found almost everywhere in the
operating system, from file transfers to file systems to
networking. Pseudo-random number generators are also included in
OpenBSD, which ensures that random numbers cannot be predicted
based on the system state. Other features include cryptographic
hash functions, cryptographic transform libraries, and
cryptographic hardware support.
"Another heavily exported piece of OpenBSD is the IP Security
Protocol (IPSec), which the operating system uses rather than
relying on the inherently insecure TCP/IP version 4 (IPv4). (IPV4
chooses to trust just about everybody and everything.) IPSec
encrypts and validates packets to protect the privacy of data and
to ensure that no changes are made to packets during the delivery
process. IPSec became an integral piece of the standard Internet
Protocol with the introduction of TCP/IP version 6 (IPv6), making
the future of the Internet more secure by default."