From aa0f5b38aec14428b4b80e06f90ff781f8bca5f1 Mon Sep 17 00:00:00 2001
From: Rene Mayrhofer <rene@mayrhofer.eu.org>
Date: Mon, 22 May 2006 05:12:18 +0000
Subject: Import initial strongswan 2.7.0 version into SVN.

---
 doc/src/rfc.html | 158 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 158 insertions(+)
 create mode 100644 doc/src/rfc.html

(limited to 'doc/src/rfc.html')

diff --git a/doc/src/rfc.html b/doc/src/rfc.html
new file mode 100644
index 000000000..762c66c6e
--- /dev/null
+++ b/doc/src/rfc.html
@@ -0,0 +1,158 @@
+<html>
+<head>
+  <meta http-equiv="Content-Type" content="text/html">
+  <title>IPsec RFCs</title>
+  <meta name="keywords"
+  content="IPsec, VPN, security, FreeSWAN, RFC, standard">
+  <!--
+
+  Written by Sandy Harris for the Linux FreeS/WAN project
+  Freely distributable under the GNU General Public License
+
+  More information at www.freeswan.org
+  Feedback to users@lists.freeswan.org
+
+  CVS information:
+  RCS ID:          $Id: rfc.html,v 1.1 2004/03/15 20:35:24 as Exp $
+  Last changed:    $Date: 2004/03/15 20:35:24 $
+  Revision number: $Revision: 1.1 $
+
+  CVS revision numbers do not correspond to FreeS/WAN release numbers.
+  -->
+</head>
+
+<body>
+<h1><a name="RFC">IPsec RFCs and related documents</a></h1>
+
+<h2><a name="RFCfile">The RFCs.tar.gz Distribution File</a></h2>
+
+<p>The Linux FreeS/WAN distribution is available from <a
+href="http://www.xs4all.nl/~freeswan"> our primary distribution site</a> and
+various mirror sites. To give people more control over their downloads, the
+RFCs that define IP security are bundled separately in the file
+RFCs.tar.gz.</p>
+
+<p>The file you are reading is included in the main distribution and is
+available on the web site. It describes the RFCs included in the <a
+href="#RFCs.tar.gz">RFCs.tar.gz</a> bundle and gives some pointers to <a
+href="#sources">other ways to get them</a>.</p>
+
+<h2><a name="sources">Other sources for RFCs &amp; Internet drafts</a></h2>
+
+<h3><a name="RFCdown">RFCs</a></h3>
+
+<p>RFCs are downloadble at many places around the net such as:</p>
+<ul>
+  <li><a href="http://www.rfc-editor.org">http://www.rfc-editor.org</a></li>
+  <li><a href="http://nis.nsf.net/internet/documents/rfc">NSF.net</a></li>
+  <li><a href="http://sunsite.doc.ic.ac.uk/computing/internet/rfc">Sunsite in
+    the UK</a></li>
+</ul>
+
+<p>browsable in HTML form at others such as:</p>
+<ul>
+  <li><a
+  href="http://www.landfield.com/rfcs/index.html">landfield.com</a></li>
+  <li><a href="http://www.library.ucg.ie/Connected/RFC">Connected Internet
+    Encyclopedia</a></li>
+</ul>
+
+<p>and some of them are available in translation:</p>
+<ul>
+  <li><a href="http://www.eisti.fr/eistiweb/docs/normes/">French</a></li>
+</ul>
+
+<p>There is also a published <a href="biblio.html#RFCs">Big Book of IPSEC
+RFCs</a>.</p>
+
+<h3><a name="drafts">Internet Drafts</a></h3>
+
+<p>Internet Drafts, working documents which sometimes evolve into RFCs, are
+also available.</p>
+<ul>
+  <li><a href="http://www.ietf.org/ID.html">Overall reference page</a></li>
+  <li><a href="http://www.ietf.org/ids.by.wg/ipsec.html">IPsec</a> working
+    group</li>
+  <li><a href="http://www.ietf.org/ids.by.wg/ipsra.html">IPSRA (IPsec Remote
+    Access)</a> working group</li>
+  <li><a href="http://www.ietf.org/ids.by.wg/ipsp.html">IPsec Policy</a>
+    working group</li>
+  <li><a href="http://www.ietf.org/ids.by.wg/kink.html">KINK (Kerberized
+    Internet Negotiation of Keys)</a>  working group</li>
+</ul>
+
+<p>Note: some of these may be obsolete, replaced by later drafts or by
+RFCs.</p>
+
+<h3><a name="FIPS1">FIPS standards</a></h3>
+
+<p>Some things used by <a href="glossary.html#IPSEC">IPsec</a>, such as <a
+href="glossary.html#DES">DES</a> and <a href="glossary.html#SHA">SHA</a>, are
+defined by US government standards called <a
+href="glossary.html#FIPS">FIPS</a>. The issuing organisation, <a
+href="glossary.html#NIST">NIST</a>, have a <a
+href="http://www.itl.nist.gov/div897/pubs">FIPS home page</a>.</p>
+
+<h2><a name="RFCs.tar.gz">What's in the RFCs.tar.gz bundle?</a></h2>
+
+<p>All filenames are of the form rfc*.txt, with the * replaced with the RFC
+number.</p>
+<pre>RFC#        Title</pre>
+
+<h3><a name="rfc.ov">Overview RFCs</a></h3>
+<pre>2401        Security Architecture for the Internet Protocol
+2411        IP Security Document Roadmap</pre>
+
+<h3><a name="basic.prot">Basic protocols</a></h3>
+<pre>2402        IP Authentication Header
+2406        IP Encapsulating Security Payload (ESP)</pre>
+
+<h3><a name="key.ike">Key management</a></h3>
+<pre>2367        PF_KEY Key Management API, Version 2
+2407        The Internet IP Security Domain of Interpretation for ISAKMP
+2408        Internet Security Association and Key Management Protocol (ISAKMP)
+2409        The Internet Key Exchange (IKE)
+2412        The OAKLEY Key Determination Protocol
+2528        Internet X.509 Public Key Infrastructure</pre>
+
+<h3><a name="rfc.detail">Details of various things used</a></h3>
+<pre>2085        HMAC-MD5 IP Authentication with Replay Prevention
+2104        HMAC: Keyed-Hashing for Message Authentication
+2202        Test Cases for HMAC-MD5 and HMAC-SHA-1
+2207        RSVP Extensions for IPSEC Data Flows
+2403        The Use of HMAC-MD5-96 within ESP and AH
+2404        The Use of HMAC-SHA-1-96 within ESP and AH
+2405        The ESP DES-CBC Cipher Algorithm With Explicit IV
+2410        The NULL Encryption Algorithm and Its Use With IPsec
+2451        The ESP CBC-Mode Cipher Algorithms
+2521        ICMP Security Failures Messages</pre>
+
+<h3><a name="rfc.ref">Older RFCs which may be referenced</a></h3>
+<pre>1321        The MD5 Message-Digest Algorithm
+1828        IP Authentication using Keyed MD5
+1829        The ESP DES-CBC Transform
+1851        The ESP Triple DES Transform
+1852        IP Authentication using Keyed SHA</pre>
+
+<h3><a name="rfc.dns">RFCs for secure DNS service, which IPsec may
+use</a></h3>
+<pre>2137        Secure Domain Name System Dynamic Update
+2230        Key Exchange Delegation Record for the DNS
+2535        Domain Name System Security Extensions
+2536        DSA KEYs and SIGs in the Domain Name System (DNS)
+2537        RSA/MD5 KEYs and SIGs in the Domain Name System (DNS)
+2538        Storing Certificates in the Domain Name System (DNS)
+2539        Storage of Diffie-Hellman Keys in the Domain Name System (DNS)</pre>
+
+<h3><a name="rfc.exp">RFCs labelled "experimental"</a></h3>
+<pre>2521        ICMP Security Failures Messages
+2522        Photuris: Session-Key Management Protocol
+2523        Photuris: Extended Schemes and Attributes</pre>
+
+<h3><a name="rfc.rel">Related RFCs</a></h3>
+<pre>1750        Randomness Recommendations for Security
+1918        Address Allocation for Private Internets
+1984        IAB and IESG Statement on Cryptographic Technology and the Internet
+2144        The CAST-128 Encryption Algorithm</pre>
+</body>
+</html>
-- 
cgit v1.2.3