cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1995-08-10 - Re: IPSEC goes to RFC

Header Data

From: sdw@lig.net (Stephen D. Williams)
To: perry@piermont.com
Message Hash: 7c15c29892201d9203f5545a528dfa573a208f1c0cfe58b82dd5000c26703156
Message ID: <m0sgafh-0009yuC@sdwsys>
Reply To: <199508101452.KAA24637@panix4.panix.com>
UTC Datetime: 1995-08-10 16:06:32 UTC
Raw Date: Thu, 10 Aug 95 09:06:32 PDT

Raw message

From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 10 Aug 95 09:06:32 PDT
To: perry@piermont.com
Subject: Re: IPSEC goes to RFC
In-Reply-To: <199508101452.KAA24637@panix4.panix.com>
Message-ID: <m0sgafh-0009yuC@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain



> Adam Shostack writes:
> > | IPSEC is now a Proposed Standard.
> > 
> > | Again, *we need your help*. Cypherpunks write code. Help us make the
> > | internet safe for personal privacy by contributing to this effort.
> > 
> > 	How about posting a list of 'things that need doing?'  I
> > assume one is floating around, possibly even with time estimates?
> 
> The IETF was challenged by Steve Crocker to be ready for use of IPSEC
> for the Dallas meeting in December so that no IETFer who wanted to
> communicate securely with his home site need be insecure.
> 
> To accomplish that, we need to produce versions of the security stack
> for many architectures. Right now, we have AIX and 4.4BSD fairly
> solidly covered. Less well covered is HPUX. People familiar with code

Could we please share snapshots of any code that exists?  Even if it's
for a totally different OS, it's still extremely helpful if we're short
on time.

> like the Trumpet Winsock stack, Linux, or who have access to the

I'm interested in doing/helping with Linux.  I also have access to
an SGI Indy (less well ready to develop though) and HPUX.

> innards of SunOS, Solaris, Windows 95, Mac stacks, and others, and can
> legitimately release implementations for those platforms, are probably
> needed. We need serious commitments from people but of course everyone
> is trying to help everyone else along.
> 
> Basically, if you know how to hack kernels and networking code and you
> have a platform you can work on, we need you.
> 
> We also lack work on the key management end of things -- people who
> can start playing around with implementing Photuris, even on a "toy"
> basis, would probably be of help.
> 
> Perry

Does it make any sense to talk about loopback interface style wedges to
convert OS native IP to IPSEC?  What about a version of inetd that
wraps apps?

(I'm about to read the RFC's, so not sure if those suggestions make sense
yet.)

I really like the idea of using DNS for (public I assume) keys...

sdw
-- 
Stephen D. Williams 25Feb1965 VW,OH (FBI ID) sdw@lig.net http://www.lig.net/sdw
Consultant, Vienna,VA Mar95- 703-918-1491W 43392 Wayside Cir.,Ashburn, VA 22011
OO/Unix/Comm/NN       ICBM/GPS: 39 02 37N, 77 29 16W home, 38 54 04N, 77 15 56W
Pres.: Concinnous Consulting,Inc.;SDW Systems;Local Internet Gateway Co.;28May95

Thread