Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!nntp.coast.net!news.kei.com!newsfeed.internetmci.com!in2.uu.net!bonkers!not-for-mail
From: skrenta@incog.com (Rich Skrenta)
Newsgroups: comp.unix.bsd.freebsd.announce
Subject: SKIP IP-layer encryption release Beta 2.3
Date: 23 Jun 1996 02:00:58 -0500
Organization: Sun Microsystems, Internet Commerce Group
Lines: 67
Sender: daemon@taronga.com
Approved: peter@taronga.com
Message-ID: <4qiq3a$3t7@bonkers.taronga.com>
NNTP-Posting-Host: localhost.taronga.com
We are pleased to announce the newest release of our domestic source
reference implementation into the public domain.
From this public domain source release, you can build a fully functional
IP-layer encryption and authentication package with full key management.
Both FreeBSD 2.1.0 and SunOS 4.1.3 are supported in this release.
DES, triple-DES and SAFER are supported for encryption and keyed-MD5 is
supported for authentication.
This source produces a package which contains a loadable module which
works with existing TCP/IP stacks. You do not need to replace (or even
recompile) your IP stack to use this package.
SKIP encrypts traffic at the IP packet layer. Applications do not need
to be recompiled or modified to take advantage of encryption.
Source and pre-built binaries (for FreeBSD 2.1.0) may be obtained by US
and Canadian citizens from http://skip.incog.com/
This software may be used without restriction, for commercial
and/or non-commercial purposes.
Features of this release
------------------------
o Support for FreeBSD2.1.0
o SKIP V2 compliant implementation using ESP and AH encapsulation.
o Support for Authentication using keyed-MD5.
o Support for DES, 3DES, and SAFER 128SK for traffic and key
encryption.
o Support for nomadic users
o Support for multiple local identities with different sets of
parameters.
o Support for multiple CA (Certificate Authority) certificates.
o Transport mode is supported.
o New Certificate Discovery protocol.
o Highly configurable key manager.
o Support for RAW AH and ESP protocols.
o Diffie-Hellman Public Key Agreement based system.
o Support for multiple NSIDs and multiple local certificates.
o GUI tool for user friendly manipulation of access control lists
and key statistics.
o Command line tools for manipulating access control lists, etc.
o Implementation of the Certificate Discovery protocol fully
integrated into SKIP.
o Implementation of X.509 public key certificates.
o Implementation of DSA signature algorithm for certificate
signatures.
o Implementation for MD2, MD5 and SHA message digest algorithms.
o Implementation of ASN.1 DER encoding/decoding.
o SunScreen(tm) SKIP compatibility mode.
o Implementation of hashed public keys as defined in the SKIP
draft. Implementation of programs to generate hashed public
keys, to convert X.509 Certificates to hashed
keys and print both X.509 and Hashed certificates.
o High performance Big Number library for Diffie-Hellman
calculations.
o Implementation is effectively "public domain" and may be used both
commercially and non-commercially.
o Patent Agreement with Cylink allows royalty-free use of the
Diffie-Hellman and other Stanford patents with this package for
commercial and non-commercial use. Read README.PATENT for
some restrictions.
o Inclusion of prime generation program used to generate the
primes in SKIP draft.