You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

63 lines
2.8 KiB

[COPY] --- SDE-COPYRIGHT-NOTE-BEGIN ---
[COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
[COPY]
[COPY] Filename: package/.../strongswan/strongswan.desc
[COPY] Copyright (C) 2006 - 2011 The OpenSDE Project
[COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
[COPY]
[COPY] More information can be found in the files COPYING and README.
[COPY]
[COPY] This program is free software; you can redistribute it and/or modify
[COPY] it under the terms of the GNU General Public License as published by
[COPY] the Free Software Foundation; version 2 of the License. A copy of the
[COPY] GNU General Public License can be found in the file COPYING.
[COPY] --- SDE-COPYRIGHT-NOTE-END ---
[I] An IPsec implementation for Linux
[T] strongSwan is an OpenSource IPsec implementation for the Linux operating
[T] system.
[T] It is based on the discontinued FreeS/WAN project and the X.509 patch which
[T] we developped over the last three years. In order to have a stable IPsec
[T] platform to base our future extensions of the X.509 capability on, we
[T] decided to lauch the strongSwan project.
[T]
[T] The focus is on
[T] - simplicity of configuration
[T] - strong encryption and authentication methods
[T] - powerful IPsec policies supporting large and complex VPN networks
[T]
[T] strongSwan features includes:
[T] - both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels.
[T] - Fast connection startup and periodic update using ipsec starter
[T] - Automatic insertion and deletion of IPsec policy based firewall rules
[T] - strong 3DES, AES, Serpent, Twofish, or Blowfish encryption
[T] - NAT-Traversal (RFC 3947) and support of virtual IPs and IKE Mode Config
[T] - Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels
[T] - Authentication based on X.509 certificates or preshared keys
[T] - Authentication based on X.509 certificates or preshared keys
[T] - Generation of a default self-signed certificate during first strongSwan startup
[T] - Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP
[T] - Full support of the Online Certificate Status Protocol (OCSP, RCF 2560)
[T] - CA management (OCSP and CRL URIs, default LDAP server)
[T] - Powerful IPsec policies based on wildcards or intermediate CAs
[T] - Group policies based on X.509 attribute certificates ( RFC 3281)
[T] - Optional storage of RSA private keys and certificates on a smartcard
[T] - Smartcard access via standardized PKCS #11 interface
[T] - PKCS #11 proxy function offering RSA decryption services via whack
[U] http://www.strongswan.org/
[A] Andreas Steffen <andreas.steffen@zhwin.ch>
[M] Christian Wiese <jeru@ixplanet.org>
[C] extra/security
[L] GPL
[S] Stable
[V] 4.5.2
[P] X -----5---9 200.500
[D] 470330791 strongswan-4.5.2.tar.bz2 http://download.strongswan.org/