Toronto 2014 meetup: Difference between revisions
Jump to navigation
Jump to search
Paul Wouters (talk | contribs) No edit summary |
Paul Wouters (talk | contribs) No edit summary |
||
| Line 11: | Line 11: | ||
* refactoring to reduce crypto boundary | * refactoring to reduce crypto boundary | ||
* clang / coverity | * clang / coverity | ||
* [[ modp group restrictions | * [https://bugs.libreswan.org/show_bug.cgi?id=192 uniqueid handling] | ||
* [https://bugs.libreswan.org/show_bug.cgi?id=194 modp group restrictions ] | |||
* OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups | * OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups | ||
* CREATE_CHILD_SA | * CREATE_CHILD_SA | ||
Revision as of 17:19, 14 July 2014
This meetup will be held immediately after IETF-90 in Toronto.
It will be hosted by Paul Wouters
Scheduled to attend: Antony Antony, D. Hugh Redelmeier, Matt Rogers, Tuomo Soini, Kim Heino and Paul Wouters
Agenda items (raw)
- uncrustify discussion
- refactoring to reduce crypto boundary
- clang / coverity
- uniqueid handling
- modp group restrictions
- OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups
- CREATE_CHILD_SA
- CP payload (modeconfig for ikev2)
- EAP (auth for IKEv2)
- NSS and some userland algo support (AES_GCM, AES_CCM, AES_CTR)
- Default proposal list (decouple v1/v2, update v2 ?)
- ike/esp parser
- parser and generic restrictions (conflicting conns loading, etc)
- CA chains
- UNH certification
- FIPS certification
- audit support
- dynamic interfacing and whack --listen / NM etc
- ADNS -> unbound