Hi Christian,
Our Goal for now is to implement the IPsec with the minimum setting and options and i will consider the next:
- We will focus on IP v4 - All the policy configurations (ipsec.confg, policy files , ISAKMP files ) will be configured a head . - We are looking for implementing Authentication Header (AH) only and in the next stage we will add Encapsulating Security Payload (ESP). - We are looking for implementing the Transport Mode - The ISAKMP should be able to recognize the KEYNOTE, so we will use the OpenBSD implantation for the ISAKMP - In the current stage we will use static IPs to simplify the negotiate process - The main object now to implement the Security Associations (SA) and the packet filter options .
I am Open for suggestions and prior experiences. In the same time i am welcoming any one would like to participate .
Best Mohammad
2014-07-10 13:19 GMT+01:00 Christian Helmuth < christian.helmuth@...1...>:
Hello Mohammad,
On Thu, Jul 10, 2014 at 09:55:25AM +0100, Mhamad Hmad wrote:
I would like to bring IPsec to Genode , if there any one interested to participate and share his experiences . I will start step by step and with the easy parts of the IPsec , depend
on
static configurations and maybe later we will implement the remain features.
This sounds like an ambitious endeavor. Also, starting from static PSK-based configurations sounds like the best approach. Do you address IP version 4 or version 6? Do you also plan to implement NAT traversal aka IPSec over UDP?
Best regards
Christian Helmuth Genode Labs
http://www.genode-labs.com/ · http://genode.org/ https://twitter.com/GenodeLabs · /ˈdʒiː.nəʊd/
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft _______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main