[Mac_crypto] [Users] ANNOUNCE: strongswan-2.0.0 released

R. A. Hettinga mac_crypto@vmeng.com
Fri, 19 Mar 2004 10:34:21 -0500

In English, even...


--- begin forwarded text

Date: Thu, 18 Mar 2004 21:59:14 +0100
From: Andreas Steffen <andreas.steffen@strongsec.net>
Organization: strongSec GmbH
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6)
To: FreeS/WAN <users@mj2.freeswan.org>,
	users <users@lists.openswan.org>
Cc: Juergen Schmidt <ju@ct.heise.de>
Subject: [Users] ANNOUNCE:  strongswan-2.0.0 released
List-Post: <users@lists.freeswan.org>
List-Id: Discussion on the day to day usage of FreeS/WAN IPsec
List-Archive: <https://mj2.freeswan.org/archives>
Sender: users-owner@mj2.freeswan.org

Dear FreeS/WAN users,

for three years in a row I've been releasing my X.509 patch, starting
out in the year 2000 with a very rudimentary X.509 support for freeswan-1.3
up to the feature-rich X.509-1.5.3 release for the latest and last
FreeS/WAN versions 2.04/2.05.

The official announcement of the discontinuation of the FreeS/WAN
project made me reflect on the future direction my X.509 project should
take. One alternative was to contribute directly to the Openswan project
and the second one to start a distribution of my own. My personal
experience with the freeswan-2.0x releases over the last year that
involved continuous and very tiresome adaptations of my patches against
an ever moving target convinced me to take the distribution into my
own hands.

Therefore I officially announce the strongSwan OpenSource project
hosted at


The objectives of strongSwan will be:

     * simplicity of configuration
     * strong encryption and authentication methods
     * powerful IPsec policies facilitating the management of
       large and complex VPN networks

The current release strongswan-2.0.0 is based on freeswan-2.04 and
the latest X.509 patch 1.5.3. In addition to that NAT traversal and
the additional encryption algorithms AES, Serpent, Blowfish and Twofish,
as well as SHA-2 authentication are supported. Dead Peer Detection (DPD)
will be added in one of the next releases.

strongswan-2.0.0 runs both on Linux 2.4 (with KLIPS) and Linux 2.6
(with the native IPsec stack).

The forthcoming release strongswan-2.1.0 will bring some powerful
tools for the management of Certification Authorities (CAs), allowing
e.g. to define CRL and OCSP URLs per CA in ipsec.conf.

The Openswan team is heartily invited to integrate all or parts of
my future X.509 extensions into their project since all code will be
put under the GPL licence. Also contributions to strongSwan are welcome
as long as they fit the three objectives listed above.

Kind regards


Andreas Steffen                   e-mail: andreas.steffen@strongsec.com
strongSec GmbH                    home:   http://www.strongsec.com
Alter Zürichweg 20                phone:  +41 1 730 80 64
CH-8952 Schlieren (Switzerland)   fax:    +41 1 730 80 65
==========================================[strong internet security]===
FreeS/WAN Users mailing list

--- end forwarded text

R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'