Folks on this list may be interested in a new tech report:

        Shreyas Srivatsan, Maritza Johnson, and Steven M. Bellovin. Simple-VPN: 
Simple IPsec configuration. Technical Report CUCS-020-10, Department of 
Computer Science, Columbia University, July 2010.

The IPsec protocol promised easy, ubiquitous encryption. That has never 
happened. For the most part, IPsec usage is confined to VPNs for road warriors, 
largely due to needless configuration complexity and incompatible 
implementations.  We have designed a simple VPN configuration language that 
hides the unwanted complexities. Virtually no options are necessary or 
possible. The administrator specifies the absolute minimum of information: the 
authorized hosts, their operating systems, and a little about the network 
topology; everything else, including certificate generation, is automatic. Our 
implementation includes a multitarget compiler, which generates 
implementation-specific configuration files for three different platforms; 
others are easy to add.

We hope to have the code up on Sourceforge soon.

                --Steve Bellovin,

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to