]>
Commit | Line | Data |
---|---|---|
2b4405a3 MW |
1 | ------------------------- |
2 | strongSwan - Roadmap | |
3 | ------------------------- | |
4 | ||
5 | These notes mostly belong to charon, the new IKEv2 daemon. The plan is to | |
6 | migrate IKEv1 into charon. It's hard to say how much effort is needed to | |
7 | do that, and how much code we can reuse from pluto. But a port IS necessary to | |
8 | gain hassle-free confiugration, version negotiation and maintainability. | |
9 | ||
59c5a853 MW |
10 | Roadmap 2007 |
11 | ============ | |
2b4405a3 | 12 | |
59c5a853 MW |
13 | Mar ! - Cookie support, IP filter, other fixes to mature against DoS |
14 | ! - release IKEv2 p2p NATT draft 00 | |
38ab8048 | 15 | ! |
59c5a853 MW |
16 | Apr ! - PRF in CHILD_SA rekeying |
17 | ! - configuration managament refactoring | |
ed284399 MW |
18 | ! - credentials backend redesign |
19 | ! - interface in charon for the XML based SMP management interface | |
59c5a853 | 20 | ! - reimplement IKEv2 p2p NATT support |
38ab8048 | 21 | ! |
ed284399 | 22 | May ! - SMP configuration client |
38ab8048 | 23 | ! |
59c5a853 | 24 | Jun ! - start with IKEv1 migration strategy |
38ab8048 | 25 | ! |
59c5a853 | 26 | Jul ! |
38ab8048 | 27 | ! |
59c5a853 | 28 | Aug ! |
38ab8048 MW |
29 | ! |
30 | Sep ! | |
31 | ! | |
32 | Oct ! | |
33 | ! | |
34 | Nov ! | |
35 | ! | |
59c5a853 | 36 | Dec ! |
38ab8048 | 37 | ! |
2b4405a3 MW |
38 | |
39 | ||
40 | TODO-List | |
41 | ========= | |
42 | ||
43 | A set of TODOs. This is only a list of things I write down to not forget them. | |
44 | Watch out for TODOs in the code. | |
45 | ||
46 | Build system | |
47 | ------------ | |
48 | - configure flag which allows to ommit vendor id in pluto | |
49 | - reduce printf handlers count to 10, as uClibc does not support more | |
e0fe7651 | 50 | - remove %m printf handlers, as error may have changed until it reaches fprintf() |
2b4405a3 | 51 | |
2b4405a3 MW |
52 | Certificate support |
53 | ------------------- | |
54 | - New trustchain mechanism? | |
2b4405a3 MW |
55 | - proper handling of multiple certificate payloads (import order) |
56 | - synchronized CRL fetcher | |
2b4405a3 MW |
57 | - Smartcard interface |
58 | - Attribute certificates | |
59 | ||
60 | Stroke interface | |
61 | ---------------- | |
62 | - add a Rekey-Counter for SAs in "statusall" | |
63 | - ipsec statusall bytecount | |
2b4405a3 MW |
64 | - proper handling of CTRL+C console detach (SIG_PIPE) |
65 | ||
66 | Misc | |
67 | ---- | |
9b45443d MW |
68 | - PFS support for creating/rekeying CHILD_SAs |
69 | - Address pool/backend for virtual IP assignement | |
ed284399 | 70 | - fix iterator->insert_before/after |