Survey Responses as of 27 March 1997 (Rev 3)

-----------------------


Name of Implementation  : Solaris 2.x
Version Described       : Solaris IPv6 prototype
Organization            : Sun  --  Solaris Internet Engineering
Which IP versions are
 supported              : IPv6, maybe IPv4 too.
Implements RFC-1828
 AH MD5                 : No
Implements RFC-1829
 ESP DES-CBC            : No
Implements AH HMAC MD5  : In Progress
Implements AH HMAC SHA-1: Unsure.
Implements Combined ESP
 (DES+MD5+Replay, etc)  : Planned support for all algorithm combinations.
                    		  Replay also planned.
Other AH Implemented
 Transforms             : Waiting for drafts.
Other ESP Implemented
 Transforms             : Waiting for drafts (probably 3DES).

Transport mode          : There's no real difference in our implementation.
Tunnel mode             : VPN support is planned, end-to-end is in progress.

Key Management          : Manual in progress (PF_KEYv2), ISAKMP/Oakley
                  			  planned.
Platforms               : Solaris 2.x
Lineage of IPsec Code   : Homegrown, with inspiration from NRL
Lineage of Key Mgmt Code: Probably cisco
Location of Source Code : Proprietary
POINTS of Contact       : danmcd@eng.sun.com
Claimed Interoperability: AH HMAC-MD5 success with NRL.

-----------------------


Name of Implementation  : JI/Angelos
Version Described       : whatever
Organization            : whatever
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : YES
Implements AH HMAC SHA-1: YES
Implements Combined ESP
 (DES+MD5+Replay, etc)  : DES+MD5+REPLAY+OptIV 

Other AH Implemented
 Transforms             : AH-SHA1 planned
Other ESP Implemented
 Transforms             : ESP-3DES planned
Transport mode          : YES
Tunnel mode             : YES
Key Management          : Manual, maybe Photuris
Platforms               : NetBSD, OpenBSD, BSD/OS, maybe FreeBSD
Lineage of IPsec Code   : JI/Angelos
Lineage of Key Mgmt Code: JI/Angelos
				     
Location of Source Code : ftp://ftp.funet.fi/pub/unix/security/net/ip/BSDipsed.tar.gz
POINTS of Contact       : angelos@dsl.cis.upenn.edu, ji@tla.org
Claimed Interoperability: NRL, IBM, Karn, MorningStar, UoArizona (all in Dallas
                			    '95), JI-Linux

-----------------------


Name of Implementation  : IPSec Developer's Toolkit
Version Described       : 1.0
Organization            : TimeStep Corporation
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : YES; latest
Implements AH HMAC SHA-1: YES; latest
Implements Combined ESP
 (DES+MD5+Replay, etc)  : DES+MD5+Replay; YES; latest
                          3DES+MD5+Replay; latest
Other AH Implemented
 Transforms             : AH Keyed SHA
Other ESP Implemented
 Transforms             : DES+SHA+Replay; YES
                          3DES+SHA+Replay;
                          RC5+MD5+Replay;
                          RC5+SHA+Replay;
Transport mode          : YES
Tunnel mode             : YES
Key Management          : ISAKMP+Oakley
Platforms               : 
Lineage of IPsec Code   : 
Lineage of Key Mgmt Code: 
Location of Source Code : "proprietary"
POINTS of Contact       : Roy Pereira, rpereira@timestep.com,
                          +1-613-599-3610x4808, fax=+1-613-599-3617
Claimed Interoperability: Entrust ISAKMP, FTP, Cisco

-----------------------


Name of Implementation  : Livingston ComOS
Version Described       : unreleased
Organization            : Livingston Enterprises
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : In Progress
Implements AH HMAC SHA-1: In Progress
Implements Combined ESP
 (DES+MD5+Replay, etc)  : Planned
Other AH Implemented
 Transforms             : NO
Other ESP Implemented
 Transforms             : NO
Transport mode          : NO
Tunnel mode             : YES
Key Management          : Manual, ISAKMP+Oakley (in progress)
Platforms               : Livingston Routers and Access Servers
Lineage of IPsec Code   : Livingston
Lineage of Key Mgmt Code: Livingston
Location of Source Code : proprietary
POINTS of Contact       : hoodr@livingston.com
Claimed Interoperability: none tested yet

-----------------------


Name of Implementation  : Firewall-1
Version Described       : 3.0
Organization            : Check Point Software Technologies
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : In Progress
Implements AH HMAC SHA-1: In Progress
Implements Combined ESP
 (DES+MD5+Replay, etc)  : Any combination of MD5/SHA-1 with DES/3DES with
                          replay (in progress)

Other AH Implemented
 Transforms             : RFC-1852
Other ESP Implemented
 Transforms             : NO
Transport mode          : NO
Tunnel mode             : YES
Key Management          : Manual, SKIP: YES
                          ISAKMP+Oakley: In Progress
Platforms               : NT 3.51, NT 4.0, Solaris, SunOS 4, HP-ux 9 and 10.			
Lineage of IPsec Code   : Check Point
Lineage of Key Mgmt Code: Check Point
Location of Source Code : proprietary
POINTS of Contact       : roy@checkpoint.com
Claimed Interoperability: IPSEC: S/WAN interoperability with IBM,
                          MorningStar, TIS, ...
                          SKIP: ETH, SUN, Toshiba
                          ISAKMP: FTP

-----------------------


Name of Implementation  : S/WAN Linux IPSEC
VERSION DESCRIBED       : Release 0.4 of 15 Jan 1997 (ipsec-0.4.tar.gz)
Organisation:             Electronic Frontier Foundation

Name of Implementation  : JI's IPSEC Implementation
Version Described       : 0.4
Organization            : John Ioannidis 
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : YES; draft-ietf-ipsec-ah-hmac-md5-04.txt
Implements AH HMAC SHA-1: YES; draft-ietf-ipsec-ah-hmac-sha-04.txt
Implements Combined ESP
 (DES+MD5+Replay, etc)  : MD5+DES+Replay, MD5+3DES+Replay;
                          draft-ietf-ipsec-esp-des-md5-03.txt,
                          draft-ietf-ipsec-esp-3des-md5-00.txt
Other AH Implemented
 Transforms             : NO
Other ESP Implemented
 Transforms             : NO
Transport mode          : In Progress for Linux; YES for NetBSD/BSDI
Tunnel mode             : YES
Key Management          : Manual (NETLINK interface for Linux; PF_ENCAP        
                          interface for NetBSD/BSDI)
Platforms               : LINUX 2.0.28, 2.1.29 by 4/97; NetBSD-current;
                          BSD/OS 2.0
Lineage of IPsec Code   : JI, original BSDI code 12/95, 
                          re-written for Linux,
                          combined and ported to NetBSD by Angelos Keromytis.
Lineage of Key Mgmt Code: JI's PF_ENCAP, rewrite for Linux NETLINK.
Location of Source Code : ftp://ftp.funet.fi/pub/unix/security/net/ip/
POINTS of Contact       : Web:  http://www.cygnus.com/~gnu/swan.html
                          Discussion: linux-ipsec@clinet.fi
                                      (subscribe via majordomo@clinet.fi)
                          Technical Leader:  John Ioannidis 
                          Project Leader:    John Gilmore 
Claimed Interoperability: RFC 1828 and 1829 transforms interoperate with my
                          BSDI code, tested in the December 95 IETF. The rest
                          of the transforms interoperate with Angelos 
                          Keromytis' port to NetBSD of my code.

All this code has been written entirely in Greece; it contains no swIPe code 
(BTW, I wish people would stop asking me for ports of swIPe; it served its 
purpose, now let it rest in peace). The original BSDI code shown at the 
December 95 IETF (Dallas) was never released. The Linux code is almost a 
complete rewrite. Angelos Keromytis took the old BSDI code, adapted it for 
NetBSD, and put in the new transforms so it interoperates with the Linux code. 
The NetBSD code is not likely to evolve unless someone else picks it up. Some 
of the original BSDI code is also distributed with the NetBSD code; it should 
be a couple of days' work to back-patch it so the new transforms also work. 
The Linux code is what is supported, and what I actively seek feedback on.

/ji

-----------------------


Name of Implementation   : IPsec
                         : ISAKMPv6 - ISAKMP/Oakley Resolutionv2
Organization             : Defence Research Agency - UK
Which IP versions are
 supported               : IPv4
Implements RFC-1828
 AH MD5                  : YES
Implements RFC-1829
 ESP DES-CBC             : YES
Implements
AH HMAC MD5              : YES
Implements
AH HMAC SHA-1            : YES
Implements Combined ESP
(DES+MD5+Replay, etc)    : Planned

Other AH Implemented
 Transforms              : NO
Other ESP Implemented
 Transforms              : NO
Transport mode           : YES
Tunnel mode              : YES
Key Management           : Manual &&  ISAKMP+Oakley
Platforms                :  Solaris
Lineage of IPsec Code    : Modified ETHZ
Lineage of Key Mgmt Code : DRA
Location of Source Code  : Not available as yet,
                           should be available ~ August

POINTS of Contact        : ISAKMP -  weaver@hydra.dra.hmg.gb
                         : IPsec      -  pbt@hydra.dra.hmg.gb

Claimed Interoperability : ISAKMPv6 - none as yet
                         : IPsec - none as yet

-----------------------


Name of Implementation  : Network CryptoGate (NCG)
Version Described       : 1.0
Organization            : Toshiba Corporation
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : In Progress; RFC2085
Implements AH HMAC SHA-1: In Progress, draft 4
Implements Combined ESP
 (DES+MD5+Replay, etc)  : MD5+DES+Replay: In Progress; draft 3

Other AH Implemented
 Transforms             : NO
Other ESP Implemented
 Transforms             : YES (ESP-3DES)
Transport mode          : NO
Tunnel mode             : YES
Key Management          : Manual, SKIP
Platforms               : BSD/OS
Lineage of IPsec Code   : Toshiba
Lineage of Key Mgmt Code: Toshiba
Location of Source Code : "proprietary"
POINTS of Contact       : Atsushi Inoue
                          inoue@isl.rdc.toshiba.co.jp
                          +81-44-549-2238 (phone)
                          +81-44-520-1806 (fax)
Claimed Interoperability: SUN-SKIP, Checkpoint, Elvis+, ETH, Gemini

-----------------------


Name of Implementation:     NE-Secure
Organisation:               Cabletron/Network Express
Which IP versions are supported:          IPv4
Implements RFC-1825 & RFC-1826 AH:        In Progress
Implements RFC-1825 & RFC-1827 ESP:       YES
Implements RFC-1828 AH MD5:               In Progress
Implements RFC-1829 ESP DES-CBC:          YES
Implements AH HMAC MD5:                   NO
Implements AH HMAC SHA-1:                 NO
Implements Combined ESP (DES+MD5+Replay): Planned
Other AH  Implemented Transforms: none
Other ESP Implemented Transforms: proprietary (FEAL-32 CBC) 
Key Management:           manual, proprietary
Platforms:                Cyberswitch
Lineage of IPsec Code:    Cabletron/Network Express
Lineage of Key Mgmt Code: Cabletron/Network Express
Location of Source Code:  proprietary
Point of Contact:         Bill Whelan - bwhelan@nei.com (313) 761-5005
                          Rick Pluth  - rpluth@nei.com        "
Claimed Interoperability: NIST

-----------------------


Name of Implementation: cisco IOS (TM)
Organisation:           cisco Systems
Which IP versions are supported:        IPv4 & IPv6 in progress
Implemented Features:
 AH (RFC-1825,1826):    yes
 ESP (RFC-1825,1827):   yes
 AH MD5 (RFC-1828):     yes
 ESP DES (RFC-1829):    yes
Other implemented AH transforms:        AH-HMAC-MD5 & AH-HMAC-SHA 
Other implemented ESP transforms:       ESP-DES-MD5-Replay
Key Management:         ISAKMP+Oakley (v6 and v2, v7 and v3 in progress)
Platforms:              cisco
Lineage of IPsec Code:  cisco Systems
Lineage of Key Mgmt Code:       cisco Systems
Location of Source Code:        proprietary  
Point of Contact:               Cheryl Madson 

-----------------------


Name of Implementation  : IPSEC for FreeBSD
Version Described       : 1.0
Organization            : Portland State University
Which IP versions are
 supported              : IPv4
Implements RFC-1828
 AH MD5                 : YES
Implements RFC-1829
 ESP DES-CBC            : YES
Implements AH HMAC MD5  : YES
Implements AH HMAC SHA-1: YES
Implements Combined ESP
 (DES+MD5+Replay, etc)  : None
Other AH Implemented
 Transforms             : None
Other ESP Implemented
 Transforms             : None
Transport mode          : YES
Tunnel mode             : YES
Key Management          : Manual
Platforms               : FreeBSD 2.1.0R
Lineage of IPsec Code   : NRL IPSEC distributed January 1996
Lineage of Key Mgmt Code: n/a
Location of Source Code :

    ftp://zymurgy.cs.pdx.edu/pub/freebsd-ipsec/freebsd.ipsec.tar.gz
					-OR-
    http://www.cs.pdx.edu/research/SMN/  look under "PSU IPSEC/FreeBSD port"

POINTS of Contact       : Jim Binkley	
			  David Reeder	
			  Bill Trost	

			  mailing list: freebsd-ipsec@cs.pdx.edu
Claimed Interoperability: Unknown.