From: skrenta@osmosys.incog.com (Rich Skrenta)
Date: Sun, 23 Jun 1996 16:50:19 +0800
To: cypherpunks@toad.com
Subject: SKIP IP-layer encryption release Beta 2.3
Message-ID: <199606230444.VAA00630@miraj.incog.com>
MIME-Version: 1.0
Content-Type: text/plain


We are pleased to announce the newest release of our domestic source
reference implementation into the public domain.

>From this public domain source release, you can build a fully functional
IP-layer encryption and authentication package with full key management.
Both FreeBSD 2.1.0 and SunOS 4.1.3 are supported in this release.
DES, triple-DES and SAFER are supported for encryption and keyed-MD5 is
supported for authentication.

This source produces a package which contains a loadable module which
works with existing TCP/IP stacks.  You do not need to replace (or even
recompile) your IP stack to use this package.

SKIP encrypts traffic at the IP packet layer.  Applications do not need
to be recompiled or modified to take advantage of encryption.

Source and pre-built binaries (for FreeBSD 2.1.0) may be obtained by US
and Canadian citizens from http://skip.incog.com/

    This software may be used without restriction, for commercial
    and/or non-commercial purposes.


Features of this release
------------------------

	o  Support for FreeBSD2.1.0 
	o  SKIP V2 compliant implementation using ESP and AH encapsulation.
	o  Support for Authentication using keyed-MD5.
	o  Support for DES, 3DES, and SAFER 128SK  for traffic and key 
	   encryption.
	o  Support for nomadic users
	o  Support for multiple local identities with different sets of
	   parameters.
	o  Support for multiple CA (Certificate Authority) certificates.
	o  Transport mode is supported.
	o  New Certificate Discovery protocol.
	o  Highly configurable key manager.
	o  Support for RAW AH and ESP protocols.
	o  Diffie-Hellman Public Key Agreement based system.
	o  Support for multiple NSIDs and multiple local certificates.
	o  GUI tool for user friendly manipulation of access control lists
	   and key statistics.
	o  Command line tools for manipulating access control lists, etc.
	o  Implementation of the Certificate Discovery protocol fully
	   integrated into SKIP.
	o  Implementation of X.509 public key certificates.
	o  Implementation of DSA signature algorithm for certificate
	   signatures.
	o  Implementation for MD2, MD5 and SHA message digest algorithms.
	o  Implementation of ASN.1 DER encoding/decoding.
	o  SunScreen(tm) SKIP compatibility mode.
	o  Implementation of hashed public keys as defined in the SKIP 
	   draft.  Implementation of programs to generate hashed public
	   keys,  to convert X.509 Certificates to hashed
	   keys and  print both X.509 and Hashed certificates.
	o  High performance Big Number library for Diffie-Hellman 
	   calculations.
	o  Implementation is effectively "public domain" and may be used both 
	   commercially and non-commercially.
	o  Patent Agreement with Cylink allows royalty-free use of the 
           Diffie-Hellman and other Stanford patents with this package for 
	   commercial and non-commercial use.  Read README.PATENT for 
	   some restrictions.
	o  Inclusion of prime generation program used to generate the 
	   primes in SKIP draft.