From owner-freebsd-security Fri Dec 1 23:36:03 1995 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.6.12/8.6.6) id XAA00603 for security-outgoing; Fri, 1 Dec 1995 23:36:03 -0800 Received: from maui.com (langfod@waena.mrtc.maui.com [199.4.33.17]) by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id XAA00590 for ; Fri, 1 Dec 1995 23:35:54 -0800 Received: (from langfod@localhost) by maui.com (8.6.10/8.6.6) id VAA17697 for security@freebsd.org; Fri, 1 Dec 1995 21:40:11 -1000 From: David Langford Message-Id: <199512020740.VAA17697@ maui.com> Subject: BoS: SKIP Source Release is out! (fwd) To: security@freebsd.org Date: Fri, 1 Dec 1995 21:40:11 -1000 (HST) X-blank-line: This space intentionaly left blank. X-Mailer: ELM [version 2.4 PL23] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 5041 Sender: owner-security@freebsd.org Precedence: bulk There was some mention about secure transports and FreeBSD a bit ago. I thought someone might be interested in this bit of news. >From owner-best-of-security@suburbia.net Wed Nov 29 00:31:57 1995 >Date: Tue, 28 Nov 1995 17:22:29 -0800 >From: markson@osmosys.incog.com (Tom Markson) >To: cypherpunks@toad.com >Subject: BoS: SKIP Source Release is out! >Precedence: bulk >Sender: owner-best-of-security@suburbia.net > >Hi, > >Check out http://skip.incog.com. We've released the source to the SKIP >key management and IP layer encryption package for SunOs 4.x. > >Here's a piece of the README file: > > > ALPHA 1 Release of SKIP Reference Source for SunOS 4.1.3 > -------------------------------------------------------- > >SKIP is a Key-management protocol for IP based protocols. It is an >acronym for Simple Key-management for Internet Protocols. SKIP is >documented in the SKIP IETF IPSEC draft included in this directory >as draft-ietf-ipsec-skip-05.txt. The most recent SKIP draft is >always available at http://skip.incog.com and the Internet-Drafts >directories. > >>From this public domain source release, you can build a fully >functional IP-layer encryption package which supports DES and >Triple-DES for SunOS 4.1.3. This means that every IP networked >application can have it's network traffic encrypted. Unlike >application level encryption packages, this package encrypts >IP packets. Thus, applications do not need to be recompiled or >modified to take advantage of encryption. > >The SKIP source is possible through the efforts of engineers in Sun >Microsystems Internet Commerce Group. The developers and designers >are Ashar Aziz, Tom Markson, Martin Patterson, Hemma Prafullchandra and >Joseph Reveane. Linda Cavanaugh worked on the documentation. > >The package compiles under both the SunPro compiler and GCC. We expect >that this release should port without too much pain to any operating >system which uses BSD style networking (mbufs). > >A legal warning: Because this package contains strong encryption, the >Software must not be transferred to persons who are not US citizens or >permanent residents of the US, or exported outside the US (except >Canada) in any form (including by electronic transmission) without >prior written approval from the US Government. Non-compliance with >these restrictions constitutes a violation of the U.S. Export Control >Laws. > >This source release may be used for both commercial and noncommercial >purposes, subject to the restrictions described in the software and >patent license statements. > >Furthermore, Sun Microsystems has licensed the Stanford public key patents >from Cylink Corp. which are available to users of this package on a royalty >free basis. The patent statement is in README.PATENT. Be sure to read this, >as it contains some restrictions and other important information. > >Also included in this release is a high speed Big Number package written >by Colin Plumb. bnlib/legal.c contains Colin's software license statement. > >Features >-------- > 1. SKIP V2 compliant implementation using ESP encapsulation. > 2. Support for DES/3DES for traffic and key encryption. > 3. Diffie-Hellman Public Key Agreement based system. > 4. Full Support for manual establishment of master keys. > 5. Support for multiple NSIDs and multiple local certificates. > 6. GUI tool for user friendly manipulation of access control lists > and key statistics. > 7. Command line tools for manipulating access control lists, etc. > 8. Implementation of the Certificate Discovery protocol fully > integrated into SKIP. > 9 Implementation of X.509 public key certificates. > 10. Implementation of DSA signature algorithm for certificate > signatures. > 11. Implementation for MD2, MD5 and SHA message digest algorithms. > 12. Implementation of ASN.1 DER encoding/decoding. > 13. SunScreen(tm) SKIP compatibility mode. > 14. Implementation of hashed public keys as defined in the SKIP > draft. Implementation of programs to generate hashed public > keys. > 15. Certificate utilities to convert X.509 Certificates to hashed > keys and print both X.509 and Hashed certificates. > 16. High performance Big Number library for Diffie-Hellman > calculations. > 17. Implementation is effectively "public domain" and may be used both > commercially and non-commercially. > 18. Patent Agreement with Cylink allows roylaty-free use of the > Diffie-Hellman and other Stanford patents with this package for > commercial and non-commercial use. Read README.PATENT for > some restrictions. > 19. Inclusion of prime generation program used to generate the > primes in SKIP draft. > > > -- /--------------------------------------------------------------------\ | David Langford - Kihei, Maui, Hawaii - langfod@maui.com | | Maui Research and Technology Center -- Network Administrator | \--------------------------------------------------------------------/