Next:
4.1 001: changeable gw
Up:
FreeSWAN KLIPS version 2
Previous:
3.7 klips1 des_eks
4 Detailed Requirements
Subsections
4.1 001: changeable gw wild-side addresses on-the-fly
4.1.1 001: Definition of requirement
4.1.2 001: response
4.2 002: address inertia
4.2.1 002: Definition of requirement
4.2.2 002: response
4.3 003: mini-database of road warriors that persists across reboots
4.3.1 003: Definition of requirement
4.4 004: connection up, down, wanted
4.4.1 004: Definition of requirement
4.4.2 004: Response
4.5 005: routing below tunnel layer to support mobility and multi-homing
4.5.1 005: Definition of requirement
4.5.2 005: Response
4.6 006: SAs entries should be capable of overlapping
4.6.1 006: Definition of requirement
4.6.2 006: response
4.7 007: why do equalizing schedulers not play well with tunnels?
4.7.1 007: Definition of requirement
4.7.2 007: response
4.8 008: decouple SA retrieval from DADDR (don't care how it arrived)
4.8.1 008: Definition of requirement
4.8.2 008: response
4.9 009: SPIs unique, independant of protocol and DADDR
4.9.1 009: Definition of requirement
4.10 010: routing above tunnel layer
4.10.1 010: Definition of requirement
4.11 011: granularity smaller than host
4.11.1 011: Definition of requirement
4.11.2 011: response
4.12 012: /dev/ipsecNNN devices that could be chown(1)ed and chmod(1)ed.
4.12.1 012: Definition of requirement
4.12.2 012: response
4.13 013: process to process tunnels
4.13.1 013: Definition of requirement
4.13.2 013: response
4.14 014: ways to manipulate tunnel perms.
4.14.1 014: Definition of requirement
4.15 015: KLIPS as a loadable module (isn't it already?)
4.15.1 015: Definition of requirement
4.15.2 015: response
4.16 016: stats: (number,time_of_last) packets (out,good_in,error_in)
4.16.1 016: Definition of requirement
4.16.2 016: response
4.17 017: integrate IPsec and firewall policy into Security Policy.
4.17.1 017: Definition of requirement
4.17.2 017: response
4.18 018: full inbound policy checking
4.18.1 018: Definition of requirement
4.18.2 018: response
4.19 019: secure ciphers and hashes
4.19.1 019: Definition of requirement
4.19.2 019: response
4.20 020: kernel implementation (should be faster)
4.20.1 020: Definition of requirement
4.21 021: plays well with routing daemons
4.21.1 021: Definition of requirement
4.21.2 021: response
4.22 022: free of export restrictions
4.22.1 022: Definition of requirement
4.22.2 022: response
4.23 023: standard crypto api to add newer ciphers and hashes
4.23.1 023: Definition of requirement
4.23.2 023: response
4.24 024: opportunistic
4.24.1 024: Definition of requirement
4.25 025: SADB hash table will be locked for additions/deletions
4.25.1 025: Definition of requirement
4.26 026: use a refcount on each SA to increase locking granularity
4.26.1 026: Definition of requirement
Michael Richardson
2001-11-27
