Toronto 2014 meetup: Difference between revisions

From Libreswan
Jump to navigation Jump to search
mNo edit summary
No edit summary
Line 8: Line 8:
Agenda items (raw)
Agenda items (raw)


-- uncrustify discussion
- uncrustify discussion


-- refactoring to reduce crypto boundary
- refactoring to reduce crypto boundary


-- clang / coverity
- clang / coverity


-- [[ modp group restrictions ]]
- [[ modp group restrictions ]]
-- OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups
- OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups
-- CREATE_CHILD_SA
- CREATE_CHILD_SA
-- CP payload (modeconfig for ikev2)
- CP payload (modeconfig for ikev2)
-- EAP (auth for IKEv2)
- EAP (auth for IKEv2)
-- NSS and some userland algo support (AES_GCM, AES_CCM, AES_CTR)
- NSS and some userland algo support (AES_GCM, AES_CCM, AES_CTR)
-- Default proposal list (decouple v1/v2, update v2 ?)
- Default proposal list (decouple v1/v2, update v2 ?)
-- ike/esp parser
- ike/esp parser
-- parser and generic restrictions (conflicting conns loading, etc)
- parser and generic restrictions (conflicting conns loading, etc)
-- CA chains
- CA chains
-- UNH certification
- UNH certification
-- FIPS certification
- FIPS certification
-- audit support
- audit support
-- dynamic interfacing and whack --listen / NM etc
- dynamic interfacing and whack --listen / NM etc
-- ADNS -> unbound
- ADNS -> unbound

Revision as of 17:15, 14 July 2014

This meetup will be held immediately after IETF-90 in Toronto.

It will be hosted by Paul Wouters

Scheduled to attend: Antony Antony, D. Hugh Redelmeier, Matt Rogers, Tuomo Soini, Kim Heino and Paul Wouters

Agenda items (raw)

- uncrustify discussion

- refactoring to reduce crypto boundary

- clang / coverity

- modp group restrictions - OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups - CREATE_CHILD_SA - CP payload (modeconfig for ikev2) - EAP (auth for IKEv2) - NSS and some userland algo support (AES_GCM, AES_CCM, AES_CTR) - Default proposal list (decouple v1/v2, update v2 ?) - ike/esp parser - parser and generic restrictions (conflicting conns loading, etc) - CA chains - UNH certification - FIPS certification - audit support - dynamic interfacing and whack --listen / NM etc - ADNS -> unbound