From 017bee74246aa36a7ed1f1766e5498c5fac9fe2a Mon Sep 17 00:00:00 2001
From: SUZUKI Shinsuke <suz@FreeBSD.org>
Date: Tue, 11 Jan 2005 04:24:17 +0000
Subject: [PATCH] KAME-IPSEC has already supports TCP_SIGNATURE(IPv4)

---
 sys/conf/NOTES | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/conf/NOTES b/sys/conf/NOTES
index f143273157dd..ca91c22ae93d 100644
--- a/sys/conf/NOTES
+++ b/sys/conf/NOTES
@@ -696,8 +696,8 @@ options 	TCP_DROP_SYNFIN		#drop TCP packets with SYN+FIN
 # carried in TCP option 19. This option is commonly used to protect
 # TCP sessions (e.g. BGP) where IPSEC is not available nor desirable.
 # This is enabled on a per-socket basis using the TCP_MD5SIG socket option.
-# This requires the use of 'device crypto', 'options FAST_IPSEC', and
-# 'device cryptodev' as it depends on the non-KAME IPSEC SADB code.
+# This requires the use of 'device crypto', 'options FAST_IPSEC' or 'options
+# IPSEC', and 'device cryptodev'.
 #options 	TCP_SIGNATURE		#include support for RFC 2385
 
 # DUMMYNET enables the "dummynet" bandwidth limiter.  You need IPFIREWALL