head	1.5;
access;
symbols
	RELEASE_8_3_0:1.5
	RELEASE_9_0_0:1.5
	RELEASE_7_4_0:1.5
	RELEASE_8_2_0:1.5
	RELEASE_6_EOL:1.5
	RELEASE_8_1_0:1.5
	RELEASE_7_3_0:1.5
	RELEASE_8_0_0:1.5
	RELEASE_7_2_0:1.5
	RELEASE_7_1_0:1.5
	RELEASE_6_4_0:1.5
	RELEASE_5_EOL:1.5
	RELEASE_7_0_0:1.5
	RELEASE_6_3_0:1.5
	PRE_XORG_7:1.5
	RELEASE_4_EOL:1.5
	RELEASE_6_2_0:1.4
	RELEASE_6_1_0:1.4
	RELEASE_5_5_0:1.4
	RELEASE_6_0_0:1.4
	RELEASE_5_4_0:1.3
	old_RELEASE_4_11_0:1.2
	old_RELEASE_5_3_0:1.2
	old_RELEASE_4_10_0:1.2
	old_RELEASE_5_2_1:1.2
	old_RELEASE_5_2_0:1.2
	old_RELEASE_4_9_0:1.2
	old_RELEASE_5_1_0:1.2
	old_RELEASE_4_8_0:1.2
	old_RELEASE_5_0_0:1.2
	old_RELEASE_4_7_0:1.2
	old_RELEASE_4_6_2:1.2
	old_RELEASE_4_6_1:1.2
	old_RELEASE_4_6_0:1.2
	old_RELEASE_5_0_DP1:1.2
	old_RELEASE_4_5_0:1.2
	old_RELEASE_4_4_0:1.2
	old_RELEASE_4_3_0:1.2
	old_RELEASE_4_2_0:1.1.1.1
	old_RELEASE_4_1_1:1.1.1.1
	old_RELEASE_4_1_0:1.1.1.1
	old_v20000705a:1.1.1.1
	old_KAME:1.1.1;
locks; strict;
comment	@# @;


1.5
date	2006.12.30.11.46.48;	author sumikawa;	state Exp;
branches;
next	1.4;

1.4
date	2005.07.04.16.41.41;	author sumikawa;	state Exp;
branches;
next	1.3;

1.3
date	2005.02.01.18.59.09;	author sumikawa;	state Exp;
branches;
next	1.2;

1.2
date	2001.01.07.15.40.11;	author will;	state Exp;
branches;
next	1.1;

1.1
date	2000.07.05.09.19.28;	author sumikawa;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2000.07.05.09.19.28;	author sumikawa;	state Exp;
branches;
next	;


desc
@@


1.5
log
@Upgrade to 20061228a. IKEv1 has been supported.
@
text
@"racoon2" is a system to exchange and to install security parameters
for the IPsec.

Currently the system supports the following specification:

	Internet Key Exchange (IKEv2) Protocol
	draft-ietf-ipsec-ikev2-17.txt

	Kerberized Internet Negotiation of Keys (KINK)
	draft-ietf-kink-kink-06.txt

	PF_KEY Key Management API, Version 2
	RFC2367
	
	The Internet Key Exchange (IKE)
	RFC2409

WWW: http://www.racoon2.wide.ad.jp/
@


1.4
log
@IKEv2 has been supported.
@
text
@a14 2
The following protocols will be supported soon.

d18 1
a18 1
WWW: http://www.kame.net/
@


1.3
log
@"racoon2" is a system to exchange and to install security parameters
for the IPsec.

Currently the system supports the following specification:

        Internet Key Exchange (IKEv2) Protocol
        draft-ietf-ipsec-ikev2-17.txt
        (The IKE daemon is not included in the current release due to IPR issue)

        Kerberized Internet Negotiation of Keys (KINK)
        draft-ietf-kink-kink-06.txt

        PF_KEY Key Management API, Version 2
        RFC2367

The following protocols will be supported soon.

        The Internet Key Exchange (IKE)
        RFC2409

WWW: http://www.kame.net/

This port was repocopied from secutiry/racoon.
PR:		ports/76814
@
text
@a7 1
	(The IKE daemon is not included in the current release due to IPR issue)
@


1.2
log
@Fix typo.

PR:		24127
Submitted by:	Alex D. Chen <dhchen@@dns.ktvs.org>
@
text
@d1 2
a2 2
racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
establish security association with other hosts.
d4 16
a19 13
Known issues:
- Too many use of dynamic memory allocation, which leads to memory leak.
- Non-threaded implementation.  Simultaneous key negotiation performance
  should be improved.
- Cannot negotiate keys for per-socket policy.
- Cryptic configuration syntax - blame IPsec specification too...
- Needs more documentation.

Design choice, not a bug:
- racoon negotiate IPsec keys only.  It does not negotiate policy.  Policy must
  be configured into the kernel separately from racoon.  If you want to
  support roaming clients, you may need to have a mechanism to put policy
  for the roaming client after phase 1 finishes.
@


1.1
log
@Initial revision
@
text
@d16 1
a16 1
  for the roaming client after phase 1 finhises.
@


1.1.1.1
log
@racoon: KAME IKE daemon
@
text
@@
