58 lines
1.5 KiB
Plaintext
58 lines
1.5 KiB
Plaintext
-------------------------
|
|
strongSwan - Roadmap
|
|
-------------------------
|
|
|
|
These notes mostly belong to charon, the new IKEv2 daemon. The plan is to
|
|
migrate IKEv1 into charon. It's hard to say how much effort is needed to
|
|
do that, and how much code we can reuse from pluto. But a port IS necessary to
|
|
gain hassle-free configuration, version negotiation and maintainability.
|
|
|
|
Roadmap 2007
|
|
============
|
|
|
|
Jul ! - reimplement IKEv2 p2p NATT support
|
|
! - release IKEv2 p2p NATT draft 00
|
|
! - interface in charon for the XML based SMP management interface
|
|
! - SMP configuration client
|
|
!
|
|
Aug ! - modular cerendtial backends
|
|
!
|
|
Sep ! - Start IKEv1 implementation in charon
|
|
!
|
|
Oct !
|
|
!
|
|
Nov !
|
|
!
|
|
Dec !
|
|
!
|
|
|
|
|
|
TODO-List
|
|
=========
|
|
|
|
A set of TODOs. This is only a list of things I write down to not forget them.
|
|
Watch out for TODOs in the code.
|
|
|
|
Build options
|
|
-------------
|
|
- Allow static build using libtool dlopen wrapper
|
|
|
|
Certificate support
|
|
-------------------
|
|
- New trustchain mechanism?
|
|
- proper handling of multiple certificate payloads (import order)
|
|
- synchronized CRL fetcher
|
|
- Smartcard interface
|
|
- Attribute certificates
|
|
|
|
Stroke interface
|
|
----------------
|
|
- add a Rekey-Counter for SAs in "statusall"
|
|
- ipsec statusall bytecount
|
|
|
|
Misc
|
|
----
|
|
- Address pool/backend for virtual IP assignement
|
|
- fix iterator->insert_before/after
|
|
- split up kernel interface into: ipsec, routing, interfaces
|