Re: PF_KEY Key Management API

[Ran Atkinson <rja@cisco.com>]

In article <2.2.32.19960731192328.00710434@po1.bbn.com> John Zao wrote:

>Where could I find a document that describes the  "PF_KEY Key Management
>API"? The API is supported by the NRL IPSec implementation. In my course of
>designing a key management API for Mobile IP, I would like to learn from its
>design.
>
>Many thanks,
>
>John.

John,

  The PF_KEY API already has hooks to support Mobile IP, so you might just be
able to reuse the freely distributable PF_KEY API and Key Engine code from the
NRL IPv6+IPsec implementation.  If you need minor API changes, the PF_KEY gang
are happy to work with you to ensure that PF_KEY can meet the needs of Mobile
IP.  Send me unicast email if you want to persue this.  An I-D describing
PF_KEY version 2 exists and should be put online soon, but the INET'96
paper that Dan McD mentioned is a better introduction to PF_KEY anyway.


All,
  This seems a good time to mention that the NRL July 1996 IPv6+IPsec
(includes IPv6, IPsec for IPv4, IPsec for IPv6, PF_KEY, and the Key Engine for
4.4-Lite BSD/NetBSD/BSDI and tested with those on SPARC and x86 hardware)
is available online now/soon.

US:	http://web.mit.edu/network/isakmp	(coming very soon;
			 was online there but they just suffered a disk crash)

US & Canada:
	http://www.cisco.com/public/library/isakmp/ipsec.html

Europe (Export version for July 96, but full versions for Jan96 & Sep 95):
	ftp://ftp.ripe.net/ipv6/nrl/


Ran
rja@cisco.com

---

References:

• PF_KEY Key Management API
• From: John K Zao <jzao@bbn.com>

---

• Prev by Date: Re: PF_KEY Key Management API
• Next by Date: Re: Question on TCP MSS with repsect to IPSEC
• Prev by thread: Re: PF_KEY Key Management API
• Next by thread: Re: PF_KEY Key Management API
• Index(es):
  • Main
  • Thread