CREDITS

   1 We haven't kept proper track of everybody who has helped us, alas, but
   2 here's a first attempt at acknowledgements...
   3
   4 Most of the FreeS/WAN software has been done by Richard Guy Briggs
   5 (KLIPS), D. Hugh Redelmeier (Pluto), Michael Richardson (technical lead,
   6 KLIPS, testing, etc.), Henry Spencer (past technical lead, scripts,
   7 libraries, packaging, etc.), Sandy Harris (documentation), Claudia
   8 Schmeing (support, documentation), and Sam Sgro (support, releases).
   9 Peter Onion has collaborated extensively with RGB on PFKEY2 stuff.  The
  10 original version of our IPComp code came from Svenning Soerensen, who has
  11 also contributed various bug fixes and improvements.
  12
  13 The first versions of Pluto were done by Angelos D. Keromytis
  14 <angelos@dsl.cis.upenn.edu>.
  15
  16 The MD2 implementation is from RSA Data Security Inc., so this package must
  17 include the following phrase: "RSA Data Security, Inc. MD2 Message Digest
  18 Algorithm"  It is not under the GPL; see details in programs/pluto/md2.c.
  19
  20 The MD5 implementation is from RSA Data Security Inc., so this package must
  21 include the following phrase:  "derived from the RSA Data Security, Inc.
  22 MD5 Message-Digest Algorithm".  It is not under the GPL; see details in
  23 linux/net/ipsec/ipsec_md5c.c.
  24
  25 The PKCS#11 header files in programs/pluto/rsaref/ are from RSA Security Inc.,
  26 so they must include the following phrase: "RSA Security Inc. PKCS#11
  27 Cryptographic Token Interface (Cryptoki)". The headers are not under the GPL;
  28 see details in programs/pluto/rsaref/pkcs11.h.
  29
  30 The LIBDES library by Eric Young is used.  It is not under the GPL -- see
  31 details in libdes/COPYRIGHT -- although he has graciously waived the
  32 advertising clause for FreeS/WAN use of LIBDES.
  33
  34 The SHA-1 code is derived from Steve Reid's; it is public domain.
  35
  36 Some bits of Linux code, notably drivers/net/new_tunnel.c and net/ipv4/ipip.c,
  37 are used in heavily modified forms.
  38
  39 The lib/pfkeyv2.h header file contains public-domain material published in
  40 RFC 2367.
  41
  42 Delete SA code and Notification messages were contributed by Mathieu Lafon.
  43 He also implemented the vital NAT traversal support.
  44
  45 Peter Onion has been immensely helpful in finding portability bugs in
  46 general, and in making FreeS/WAN work on the Alpha in particular.  Rob
  47 Hatfield likewise found and fixed some problems making it work on the
  48 Netwinder.
  49
  50 John S. Denker of AT&T Shannon Labs has found a number of bugs the hard
  51 way, has pointed out various problems (some of which we have fixed!) in
  52 using the software in production applications, and has suggested some
  53 substantial improvements to the documentation.
  54
  55 Marc Boucher <marc@mbsi.ca> did a quick-and-dirty port of KLIPS to the
  56 Linux 2.2.x kernels, at a time when we needed it badly, and has helped
  57 chase down 2.2.xx bugs and keep us current with 2.4.x development.
  58
  59 John Gilmore organized the FreeS/WAN project and continues to direct it.
  60 Hugh Daniel handles day-to-day management, customer interface, and both
  61 constructive and destructive testing.  See the project's web page
  62 <http://www.freeswan.org> for other contributors to this project and
  63 related ones.
  64
  65 Herbert Xu ported the FreeS/WAN code to the native IPsec stack
  66 of the Linux 2.6 kernel.
  67
  68 Kai Martius added initial support of OpenPGP certificates.
  69
  70 Andreas Steffen introduced the support of X.509 certificates in 2000
  71 and has been both maintaining the  X.509 code and adding extensions
  72 to it ever since.
  73
  74 Andreas Hess, Patric Lichtsteiner, and Roger Wegmann implemented the
  75 the initial X.509 certificate support, relying on Kai Martius's work.
  76
  77 Marco Bertossa and Andreas Schleiss implemented the verification of
  78 the X.509 chain from the peer certificate up to the root CA.
  79
  80 Ueli Galizzi and Ariane Seiler did the original work on the support
  81 of attribute certificates.
  82
  83 Martin Berner and Lukas Suter implemented the definition of group
  84 attributes and dynamic fetching of attribute certificates.
  85
  86 Christoph Gysin and Simon Zwahlen implemented PKCS#15-based
  87 smartcard suppport and contributed a fully operational OCSP client.
  88
  89 David Buechi and Michael Meier implemented the PKCS#11 smartcard
  90 interface.
  91
  92 The support of port and protocol selectors was based on Stephen J.
  93 Bevan's original work.
  94
  95 Stephane Laroche donated the original LDAP and HTTP fetching code
  96 based on pthreads.
  97
  98 JuanJo Ciarlante introduced the modular support of alternative
  99 encryption and authentication algorithms (AES, Serpent, twofish, etc).
 100
 101 The ipsec starter is based on Mathieu Lafon's original work.
 102
 103 Jan Hutter and Martin Willi developed the scepclient which fully
 104 supports Cisco's Simple Certificate Enrollment Protocol (SCEP).
 105
 106 Tobias Brunner and Daniel Roethlisberger implemented NAT traversal and
 107 dead peer detection for the IKEv2 keying daemon.
 108
 109 Daniel Wydler implemented the integrity test of the libstrongswan code
 110 using the FIPS_canister code from the OpenSSL-FIPS project.