[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New ISAKMP+Oakley code!

To: ipsec@TIS.COM
Subject: New ISAKMP+Oakley code!
From: Daniel Harkins <dharkins@cisco.com>
Date: Thu, 01 Aug 1996 16:25:48 -0700
Sender: ipsec-approval@neptune.tis.com

  Cisco Systems is pleased to announce the release of the next version of
their ISAKMP daemon. This software distribution is being made available 
free of charge for any commercial or non-commercial use to advance ISAKMP 
as a solution to Internet Key Management.

  Major changes from the previous version include:
	* Compliance with draft-ietf-ipsec-isakmp-oakley-01.txt
	* HMAC-MD5 ("derived from the RSA Data Security, Inc. MD5 Message-
	  Digest Algorithm") and HMAC-SHA.
	* Colin Plumb's BigNum multiprecision integer library.
	* truerand() random number generator by Don Mitchell and Matt Blaze.

  To software can be obtained by pointing your favorite browser to
http://www.cisco.com/public/library/isakmp/isakmp.html and following the
hot links. This entire distribution is export controlled and unfortunately
cannot be obtained by non-US citizens or non-US permanent residents.

  This daemon uses the PF_KEY Key Management API to register with a
kernel which has implemented this API and the surrounding key management
infrastructure. The NRL IPsec software distribution (currently bundled with
IPv6) is such an implementation. Security associations negotiated by the
ISAKMP daemon are inserted into the kernel's key engine and are available
for use by its AH/ESP security mechanisms. To facilitate use of this ISAKMP 
daemon, the NRL distribution is also being made available an the same URL
described above.

  This distribution comes with a cryptographic library from Cylink Corporation.
Cylink has granted Cisco the right to offer this library-- source code to
the Diffie-Hellman key exchange, the Digital Signature Standard, and the
Digital Encryption Standard-- to all third parties on a royalty-free basis
for use only with this ISAKMP reference implementation.

  Note: Both the BigNum package and the cryptographic library come with 
exercise routines to validate each package. If errors occur and the 
respective README is not helpful, please contact the mailing list below 
for help. If either the BigNum package or the cryptographic library is not 
in full working order, the ISAKMP daemon will not work properly.

  A mailing list for problems, bug fixes, porting changes, and general
discussion of ISAKMP and Oakley has been established: isakmp-oakley@cisco.com 
(majordomo@cisco.com for admin requests).

Prev by Date: Re: Key Management, anyone? (DNS keying)
Next by Date: Re: Key Management, anyone? (DNS keying)
Prev by thread: Re: Question on TCP MSS with repsect to IPSEC
Next by thread: Re: New ISAKMP+Oakley code!
Index(es):
- Main
- Thread