diff options
Diffstat (limited to 'security/racoon2/pkg-descr')
| -rw-r--r-- | security/racoon2/pkg-descr | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/security/racoon2/pkg-descr b/security/racoon2/pkg-descr new file mode 100644 index 0000000..34f8530 --- /dev/null +++ b/security/racoon2/pkg-descr @@ -0,0 +1,18 @@ +racoon speaks IKE (ISAKMP/Oakley) key management protocol, to +establish security association with other hosts. + +Known issues: +- Too many use of dynamic memory allocation, which leads to memory leak. +- Non-threaded implementation. Simultaneous key negotiation performance + should be improved. +- Cannot negotiate keys for per-socket policy. +- Cryptic configuration syntax - blame IPsec specification too... +- Needs more documentation. + +Design choice, not a bug: +- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must + be configured into the kernel separately from racoon. If you want to + support roaming clients, you may need to have a mechanism to put policy + for the roaming client after phase 1 finhises. + +WWW: http://www.kame.net/ |
