Toronto 2014 meetup: Difference between revisions

From Libreswan
Jump to navigation Jump to search
No edit summary
No edit summary
Line 17: Line 17:
* CP payload (modeconfig for ikev2)
* CP payload (modeconfig for ikev2)
* EAP (auth for IKEv2)
* EAP (auth for IKEv2)
* NSS and some userland algo support (AES_GCM, AES_CCM, AES_CTR)
* NSS and some userland IKE algo support (AES_GCM, AES_CCM, AES_CTR)
* Default proposal list (decouple v1/v2, update v2 ?)
* Default proposal list (decouple v1/v2, update v2 ?)
* ike/esp parser
* ike/esp parser
Line 24: Line 24:
* UNH certification
* UNH certification
* FIPS certification
* FIPS certification
* audit support
* audit support and statsd
* dynamic interfacing and whack --listen / NM etc
* dynamic interfacing and whack --listen / NM etc
* ADNS -> unbound
* ADNS -> unbound

Revision as of 17:20, 14 July 2014

This meetup will be held immediately after IETF-90 in Toronto.

It will be hosted by Paul Wouters

Scheduled to attend: Antony Antony, D. Hugh Redelmeier, Matt Rogers, Tuomo Soini, Kim Heino and Paul Wouters

Agenda items (raw)

  • uncrustify discussion
  • refactoring to reduce crypto boundary
  • clang / coverity
  • uniqueid handling
  • modp group restrictions
  • OE IPsec, AUTH_NONE, left/rightauthby=, adns lookups
  • CREATE_CHILD_SA
  • CP payload (modeconfig for ikev2)
  • EAP (auth for IKEv2)
  • NSS and some userland IKE algo support (AES_GCM, AES_CCM, AES_CTR)
  • Default proposal list (decouple v1/v2, update v2 ?)
  • ike/esp parser
  • parser and generic restrictions (conflicting conns loading, etc)
  • CA chains
  • UNH certification
  • FIPS certification
  • audit support and statsd
  • dynamic interfacing and whack --listen / NM etc
  • ADNS -> unbound