2006-04-28 07:14:48 +00:00
|
|
|
We haven't kept proper track of everybody who has helped us, alas, but
|
|
|
|
here's a first attempt at acknowledgements...
|
|
|
|
|
|
|
|
Most of the FreeS/WAN software has been done by Richard Guy Briggs
|
|
|
|
(KLIPS), D. Hugh Redelmeier (Pluto), Michael Richardson (technical lead,
|
|
|
|
KLIPS, testing, etc.), Henry Spencer (past technical lead, scripts,
|
|
|
|
libraries, packaging, etc.), Sandy Harris (documentation), Claudia
|
|
|
|
Schmeing (support, documentation), and Sam Sgro (support, releases).
|
|
|
|
Peter Onion has collaborated extensively with RGB on PFKEY2 stuff. The
|
|
|
|
original version of our IPComp code came from Svenning Soerensen, who has
|
|
|
|
also contributed various bug fixes and improvements.
|
|
|
|
|
2007-08-29 11:04:55 +00:00
|
|
|
The first versions of Pluto were done by Angelos D. Keromytis
|
|
|
|
<angelos@dsl.cis.upenn.edu>.
|
2006-04-28 07:14:48 +00:00
|
|
|
|
|
|
|
The MD2 implementation is from RSA Data Security Inc., so this package must
|
|
|
|
include the following phrase: "RSA Data Security, Inc. MD2 Message Digest
|
|
|
|
Algorithm" It is not under the GPL; see details in programs/pluto/md2.c.
|
|
|
|
|
|
|
|
The MD5 implementation is from RSA Data Security Inc., so this package must
|
|
|
|
include the following phrase: "derived from the RSA Data Security, Inc.
|
|
|
|
MD5 Message-Digest Algorithm". It is not under the GPL; see details in
|
|
|
|
linux/net/ipsec/ipsec_md5c.c.
|
|
|
|
|
|
|
|
The PKCS#11 header files in programs/pluto/rsaref/ are from RSA Security Inc.,
|
|
|
|
so they must include the following phrase: "RSA Security Inc. PKCS#11
|
|
|
|
Cryptographic Token Interface (Cryptoki)". The headers are not under the GPL;
|
|
|
|
see details in programs/pluto/rsaref/pkcs11.h.
|
|
|
|
|
|
|
|
The LIBDES library by Eric Young is used. It is not under the GPL -- see
|
|
|
|
details in libdes/COPYRIGHT -- although he has graciously waived the
|
|
|
|
advertising clause for FreeS/WAN use of LIBDES.
|
|
|
|
|
|
|
|
The SHA-1 code is derived from Steve Reid's; it is public domain.
|
|
|
|
|
|
|
|
Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c,
|
|
|
|
are used in heavily modified forms.
|
|
|
|
|
|
|
|
The lib/pfkeyv2.h header file contains public-domain material published in
|
|
|
|
RFC 2367.
|
|
|
|
|
|
|
|
Delete SA code and Notification messages were contributed by Mathieu Lafon.
|
|
|
|
He also implemented the vital NAT traversal support.
|
|
|
|
|
|
|
|
Peter Onion has been immensely helpful in finding portability bugs in
|
|
|
|
general, and in making FreeS/WAN work on the Alpha in particular. Rob
|
|
|
|
Hatfield likewise found and fixed some problems making it work on the
|
|
|
|
Netwinder.
|
|
|
|
|
|
|
|
John S. Denker of AT&T Shannon Labs has found a number of bugs the hard
|
|
|
|
way, has pointed out various problems (some of which we have fixed!) in
|
|
|
|
using the software in production applications, and has suggested some
|
|
|
|
substantial improvements to the documentation.
|
|
|
|
|
|
|
|
Marc Boucher <marc@mbsi.ca> did a quick-and-dirty port of KLIPS to the
|
|
|
|
Linux 2.2.x kernels, at a time when we needed it badly, and has helped
|
|
|
|
chase down 2.2.xx bugs and keep us current with 2.4.x development.
|
|
|
|
|
|
|
|
John Gilmore organized the FreeS/WAN project and continues to direct it.
|
|
|
|
Hugh Daniel handles day-to-day management, customer interface, and both
|
|
|
|
constructive and destructive testing. See the project's web page
|
|
|
|
<http://www.freeswan.org> for other contributors to this project and
|
|
|
|
related ones.
|
|
|
|
|
|
|
|
Herbert Xu ported the FreeS/WAN code to the native IPsec stack
|
|
|
|
of the Linux 2.6 kernel.
|
|
|
|
|
|
|
|
Kai Martius added initial support of OpenPGP certificates.
|
|
|
|
|
|
|
|
Andreas Steffen introduced the support of X.509 certificates in 2000
|
|
|
|
and has been both maintaining the X.509 code and adding extensions
|
|
|
|
to it ever since.
|
|
|
|
|
|
|
|
Andreas Hess, Patric Lichtsteiner, and Roger Wegmann implemented the
|
|
|
|
the initial X.509 certificate support, relying on Kai Martius's work.
|
|
|
|
|
|
|
|
Marco Bertossa and Andreas Schleiss implemented the verification of
|
|
|
|
the X.509 chain from the peer certificate up to the root CA.
|
|
|
|
|
|
|
|
Ueli Galizzi and Ariane Seiler did the original work on the support
|
|
|
|
of attribute certificates.
|
|
|
|
|
|
|
|
Martin Berner and Lukas Suter implemented the definition of group
|
|
|
|
attributes and dynamic fetching of attribute certificates.
|
|
|
|
|
|
|
|
Christoph Gysin and Simon Zwahlen implemented PKCS#15-based
|
|
|
|
smartcard suppport and contributed a fully operational OCSP client.
|
|
|
|
|
|
|
|
David Buechi and Michael Meier implemented the PKCS#11 smartcard
|
|
|
|
interface.
|
|
|
|
|
|
|
|
The support of port and protocol selectors was based on Stephen J.
|
|
|
|
Bevan's original work.
|
|
|
|
|
|
|
|
Stephane Laroche donated the original LDAP and HTTP fetching code
|
|
|
|
based on pthreads.
|
|
|
|
|
|
|
|
JuanJo Ciarlante introduced the modular support of alternative
|
|
|
|
encryption and authentication algorithms (AES, Serpent, twofish, etc).
|
|
|
|
|
|
|
|
The ipsec starter is based on Mathieu Lafon's original work.
|
|
|
|
|
|
|
|
Jan Hutter and Martin Willi developed the scepclient which fully
|
|
|
|
supports Cisco's Simple Certificate Enrollment Protocol (SCEP).
|
|
|
|
|
2007-08-29 11:04:55 +00:00
|
|
|
Tobias Brunner and Daniel Roethlisberger implemented NAT traversal and
|
|
|
|
dead peer detection for the IKEv2 keying daemon.
|
2006-10-26 11:37:37 +00:00
|
|
|
|
2007-08-29 11:04:55 +00:00
|
|
|
Daniel Wydler implemented the integrity test of the libstrongswan code
|
|
|
|
using the FIPS_canister code from the OpenSSL-FIPS project.
|