[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New Linux-IPSEC mailing list for the S/WAN project
- To: cypherpunks, coderpunks
- Subject: New Linux-IPSEC mailing list for the S/WAN project
- From: John Gilmore <[email protected]>
- Date: Sat, 09 Nov 1996 01:29:43 -0800
- Sender: [email protected]
I'm sending you this message because you might be interested in
helping to build or test or document, or teach about, my S/WAN project
to secure 5% of the net by Christmas.
There is now a public mailing list which you can join to find out
what's happening in the project, get the latest software for testing,
ask questions, etc. To join the list, send mail to:
[email protected]
The email should contain a single line that just says:
subscribe
This mailing list will have discussions, not just announcements,
and will be very technical (not political or social).
The S/WAN project's goal is to provide free software that makes it
easy to encrypt a site's net traffic automatically, and to encourage
acceptance and deployment of this software. My original timetable
aimed to have 5% of the net encrypted by Christmas. We will not meet
this goal; it was romantic, but very ambitious. Instead, my current
goal is to have our first complete software release available by
Christmas, which people can use to encrypt 5% of the net in the
following months. This is still an ambitious goal.
In case you haven't been following developments in the project,
there's a new version of the Domain Name System BIND code that you can
install to enable your site to publish its keys to the net. Our
software to USE the keys isn't ready yet -- but it usually takes weeks
or months to get your domain administrator to update their version of
BIND, so it's a great idea to get them started now.
There's also a very new test version of the Linux kernel code that
implements low-level packet encryption. This code requires manual
configuration, and only implements single-DES rather than triple-DES.
It has a long way to go. But it enables you to manually set up
encrypted tunnels to other sites around the Internet (such as other
sites in your company, or which you collaborate with). Shaking out
this layer and making it solid and bulletproof is important, so we can
depend on it as we build the higher layers that provide encrypting
tunnels automatically and opportunistically. Details on how to get
the test software are in the web page at:
http://www.cygnus.com/~gnu/swan.html
I hope that having a mailing list for the helpers and implementers
will make it easier for everyone to stay up to date, and easier for
everyone to contribute. If we all push in the same direction, we may
have 5% of the net traffic encrypted by Easter...
John Gilmore
PS: The new Linux-IPSEC mailing list is graciously hosted in Finland
by Tatu Ylonen, author of ssh, another good piece of cryptographic
software. Linux is the free operating system on which the project is
being built. IPSEC is the set of (Internet Protocol SECurity)
protocols which add packet-level encryption to TCP/IP.