[COPY] --- SDE-COPYRIGHT-NOTE-BEGIN --- [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch. [COPY] [COPY] Filename: package/.../strongswan/strongswan.desc [COPY] Copyright (C) 2006 - 2012 The OpenSDE Project [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project [COPY] [COPY] More information can be found in the files COPYING and README. [COPY] [COPY] This program is free software; you can redistribute it and/or modify [COPY] it under the terms of the GNU General Public License as published by [COPY] the Free Software Foundation; version 2 of the License. A copy of the [COPY] GNU General Public License can be found in the file COPYING. [COPY] --- SDE-COPYRIGHT-NOTE-END --- [I] An IPsec implementation for Linux [T] strongSwan is an OpenSource IPsec implementation for the Linux operating [T] system. [T] It is based on the discontinued FreeS/WAN project and the X.509 patch which [T] we developped over the last three years. In order to have a stable IPsec [T] platform to base our future extensions of the X.509 capability on, we [T] decided to lauch the strongSwan project. [T] [T] The focus is on [T] - simplicity of configuration [T] - strong encryption and authentication methods [T] - powerful IPsec policies supporting large and complex VPN networks [T] [T] strongSwan features includes: [T] - both on Linux 2.4 (KLIPS) and Linux 2.6 (native IPsec) kernels. [T] - Fast connection startup and periodic update using ipsec starter [T] - Automatic insertion and deletion of IPsec policy based firewall rules [T] - strong 3DES, AES, Serpent, Twofish, or Blowfish encryption [T] - NAT-Traversal (RFC 3947) and support of virtual IPs and IKE Mode Config [T] - Dead Peer Detection (DPD, RFC 3706) takes care of dangling tunnels [T] - Authentication based on X.509 certificates or preshared keys [T] - Authentication based on X.509 certificates or preshared keys [T] - Generation of a default self-signed certificate during first strongSwan startup [T] - Retrieval and local caching of Certificate Revocation Lists via HTTP or LDAP [T] - Full support of the Online Certificate Status Protocol (OCSP, RCF 2560) [T] - CA management (OCSP and CRL URIs, default LDAP server) [T] - Powerful IPsec policies based on wildcards or intermediate CAs [T] - Group policies based on X.509 attribute certificates ( RFC 3281) [T] - Optional storage of RSA private keys and certificates on a smartcard [T] - Smartcard access via standardized PKCS #11 interface [T] - PKCS #11 proxy function offering RSA decryption services via whack [U] http://www.strongswan.org/ [A] Andreas Steffen [M] Christian Wiese [C] extra/security [L] GPL [S] Stable [V] 4.6.3 [P] X -----5---9 200.500 [D] 3809695016 strongswan-4.6.3.tar.bz2 http://download.strongswan.org/