Helsinki 2013 meetup: Difference between revisions
Paul Wouters (talk | contribs) No edit summary |
Paul Wouters (talk | contribs) mNo edit summary |
||
(10 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
This meetup was hosted by Tuomo Soini. Besides Tuomo, this meeting was attended by Antony Antony, D. Hugh Redelmeier, Paul Wouters, Kim and Mika. | |||
Agenda items | Agenda items | ||
Line 4: | Line 8: | ||
[[ uncrustify ]] | [[ uncrustify ]] | ||
[[ Testing Harness ]] | [[ Testing Harness ]] do we want to integrate with CISCO? | ||
[[ crypto boundary and certification ]] | [[ crypto boundary and certification ]] | ||
Line 14: | Line 18: | ||
[[ Linux Secure Tunnel interface support ]] | [[ Linux Secure Tunnel interface support ]] | ||
[[ | [[ pluto and DNS(SEC) ]] | ||
[[ Logging cleanup ]] | |||
[[ Retransmit timings ]] | |||
[[ New OE ]] | [[ New OE ]] | ||
[[ interface listening, binding, updating ]] | |||
[[ TAPROOM / TCLCALLOUT removal? ]] | [[ TAPROOM / TCLCALLOUT removal? ]] | ||
[[ ipsec eroute and ipsec auto --status replacement ]] | [[ ipsec eroute and ipsec auto --status replacement ]] | ||
[[ remove DEBUG switch for userland, possibly also klips. always set ]] | |||
[[ Status of IKEv2 ]] | [[ Status of IKEv2 ]] | ||
Line 27: | Line 39: | ||
[[ Website user and dev documentation ]] | [[ Website user and dev documentation ]] | ||
[[ Network Manager / whack API ]] | |||
[[ webca management with addresspool ]] | [[ webca management with addresspool ]] | ||
Line 36: | Line 50: | ||
[[ Feature matrix: strongswan vs libreswan ]] | [[ Feature matrix: strongswan vs libreswan ]] | ||
[[ lib/libpluto/ ]] | |||
[[ state machine explination]] | |||
[[ Specific Bug issues ]] | [[ Specific Bug issues ]] | ||
Makefile.depend.linux : do we really need it in git? when i locally re-generate it is different. | |||
Connection validations: check invalid combinations when loading connections. eg Con without matching CERT in NSS db. subnet(s) & addresspool. Where is the appropriate place to do it? addcon or starterwhack.c - set_whack_end . If it is whack we already parsed the "also" conn lines we may be able to generate warnings/errors |
Latest revision as of 06:06, 10 July 2014
This meetup was hosted by Tuomo Soini. Besides Tuomo, this meeting was attended by Antony Antony, D. Hugh Redelmeier, Paul Wouters, Kim and Mika.
Agenda items
Testing Harness do we want to integrate with CISCO?
crypto boundary and certification
/etc/ipsec.d ASN.1/PEM and and NSS / openssl
Linux Secure Tunnel interface support
interface listening, binding, updating
ipsec eroute and ipsec auto --status replacement
remove DEBUG switch for userland, possibly also klips. always set
Website user and dev documentation
webca management with addresspool
git branch/tree policies review
Feature matrix: strongswan vs libreswan
Makefile.depend.linux : do we really need it in git? when i locally re-generate it is different.
Connection validations: check invalid combinations when loading connections. eg Con without matching CERT in NSS db. subnet(s) & addresspool. Where is the appropriate place to do it? addcon or starterwhack.c - set_whack_end . If it is whack we already parsed the "also" conn lines we may be able to generate warnings/errors