Re: IPSec test suite

[Jari Arkko <Jari.Arkko@lmf.ericsson.se>]

I have used some of the test sites, and they are indeed very
useful. Thanks for everybody who is providing them. However,
I believe many IPsec implementations would benefit if there was
a comprehensive suite of test cases available in an easily
executable form that would look not only at the "normal" cases
of IPsec and IKE connections but also various error situations,
test ranges and limits. Instead of the normal authalg x encalg x
authmethod x identitytype combinations, I'm thinking along
the lines of checking what happens when nonces are the smallest
or largest possible, packets get fragmented, ESP padding size
varies to something else than the strictly necessary, number
of transforms or proposals grows very high, all illegal and
error combinations, the known (?) denial of service attacks
against IKE, and so on. Anybody have something like this?

Jari
---- 
Jari Arkko, Oy L M Ericsson Ab, 02420 Jorvas, Finland. Tel +358 9 2992480
Fax +358 9 2993052. GSM +358 40 5079256. E-Mail: Jari.Arkko@ericsson.com
Private WWW: http://www.iki.fi/jar. Standard disclaimers apply.

---

Follow-Ups:

• Re: IPSec test suite
• From: Sandy Harris <sandy@storm.ca>

References:

• RE: IPSec test suite
• From: "Rohit Khosla" <rkhosla@ishoni.com>

---

• Prev by Date: Re: IPSec test suite
• Next by Date: Re: IPSec test suite
• Prev by thread: Re: IPSec test suite
• Next by thread: Re: IPSec test suite
• Index(es):
  • Main
  • Thread