[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NIST's IPsec-WIT Tester now has IKE!!!



	Announcing IPSEC-WIT (IKE):  
a WWW-based  IPsec / IKE (Internet Key Exchange) 
	Interoperability Test System
http://ipsec-wit.antd.nist.gov

NIST’s WWW-based IPSEC test system, IPsec-WIT, now
supports use of IKE for negotiating Security Associations (SAs), 
in addition to manual SA establishment.   

New, additional, test suites are available for IKE based testing. 
IKE test cases allow users to configure underlying IKE parameters
and then conduct interoperability tests, from key negotiation
through IPsec data transfer.  The test system provides output and
diagnostics at various levels of detail (high level script traces to
individual packet dumps), either directly through the WWW interface
or out-of-band through email.

For those interested in the IPSEC-WIT system, but not ready
to conduct real tests, the system supports test cases that allow it
to negotiate with itself.

WIT contains an extensive Tutorial on the tester’s operations, 
as well as pointers to documentation for NIST’s IKE and 
IPSEC Reference implementations, PlutoPlus and Cerberus.

Documentation for PlutoPlus and Cerberus is also available at:
http://ipsec-wit.antd.nist.gov/newipsecdoc/pluto.html AND
http://www.antd.nist.gov/cerberus

PlutoPlus, our IKE reference implementation (which is based on
the original Pluto by Angelos Keromytis), is in an early alpha 
state.  Currently, it conducts only Phase 1 Main Mode/Phase 2 
Quick Mode negotiations authenticated with a pre-shared key.  
(Complete details about PlutoPlus’s capabilities and shortcomings 
are available on the PlutoPlus Documentation Web Page.)  Once 
PlutoPlus has undergone sufficient testing, the source code will be 
released to interested parties (in the U.S. and Canada only).

For further information, please contact ipsec-wit-dev@antd.nist.gov.