	ALPHA 2 Release of SKIP Reference Source for SunOS 4.1.3
	--------------------------------------------------------
			Overview and Release Notes

Alpha-1 users may skip the Overview, but should read the release notes.  
There are important interoperability changes.

Overview
--------
SKIP is a Key-management protocol for IP based protocols.  It is an 
acronym for Simple Key-management for Internet Protocols. SKIP is 
documented in the SKIP IETF IPSEC draft included in this directory 
as draft-ietf-ipsec-skip-06.txt.  The most recent SKIP draft is 
always available at http://skip.incog.com and the Internet-Drafts
directories.

>From this public domain source release, you can build a fully 
functional IP-layer encryption package which supports DES and 
Triple-DES for SunOS 4.1.3.  This means that every IP networked 
application can have it's network traffic encrypted.   Unlike
application level encryption packages, this package encrypts 
IP packets.  Thus, applications do not need to be recompiled or 
modified to take advantage of encryption.

The SKIP source is possible through the efforts of engineers in Sun
Microsystems Internet Commerce Group.  The developers and designers
are Ashar Aziz, Tom Markson, Martin Patterson, Hemma Prafullchandra and
Joseph Reveane.  Linda Cavanaugh worked on the documentation.

The package compiles under both the SunPro compiler and GCC.  We expect 
that this release should port without too much pain to any operating 
system which uses BSD style networking (mbufs).  

We have developed and tested this release.  We believe it is both well
architected and robust.  However, like any major software release, this
one will contain its share of bugs.  Even though this is an unsupported
software release, we are always interested in bug reports, fixes,
suggestions and comments.  We are also interested in ports to other
operating systems.  To contact the development team, send mail to
freeskip@incog.com.

A legal warning: Because this package contains strong encryption, the
Software must not be transferred to persons who are not US citizens or
permanent residents of the US, or exported outside the US (except
Canada) in any form (including by electronic transmission) without
prior written approval from the US Government. Non-compliance with
these restrictions constitutes a violation of the U.S. Export Control
Laws.

This source release may be used for both commercial and noncommercial 
purposes, subject to the restrictions described in the software and
patent license statements.  

Furthermore, Sun Microsystems has licensed the Stanford public key patents 
from Cylink Corp. which are available to users of this package on a royalty 
free basis. The patent statement is in README.PATENT.  Be sure to read this,
as it contains some restrictions and other important information.  

Also included in this release is a high speed Big Number package written 
by Colin Plumb. bnlib/legal.c contains Colin's software license statement. 

The documentation in this release is minimal, but we think it is
sufficient.  We've all been so busy coding, we've hardly had time to
really document the system and it's interfaces.  This document gives an
overview of the release, and provides build instructions. There are
ROADMAP files in each directory to explain the contents of that
directory, and man pages are available on major topics.  The Users Guide
(provided in postscript, text and HTML) provides instructions on
installation and use.  This is *must* reading.  The advanced.TOPICS
file in this directory covers some advanced SKIP topics with regards to
keying.  In the worst case, "use the source, Luke."

For a general description of SKIP and it's implementation, we have
included a paper which was presented at INET'95.  This paper gives 
an overview of SKIP and discusses the architecture of the SKIP software.  
While this paper discusses an older version of SKIP, the section on 
SKIP architecture provides a good overview as to the design of the system 
and the pieces. The paper specifically discusses the Solaris 2 
implementation, but much of it will also pertain to this release.

To use the package you don't really need to read the SKIP draft, but
you will need to understand the concepts to take full advantage of this
package.  We *highly* recommend reading the SKIP draft 
(draft-ietf-ipsec-skip-05.txt) for a full understanding of SKIP and this
package.

Features
--------
	1.  SKIP V2 compliant implementation using ESP encapsulation.
	2.  Support for DES/3DES for traffic and key encryption.
	3.  Diffie-Hellman Public Key Agreement based system.
	4.  Full Support for manual establishment of master keys.
	5.  Support for multiple NSIDs and multiple local certificates.
	6.  GUI tool for user friendly manipulation of access control lists
	    and key statistics.
	7.  Command line tools for manipulating access control lists, etc.
	8.  Implementation of the Certificate Discovery protocol fully
	    integrated into SKIP.
	9   Implementation of X.509 public key certificates.
	10. Implementation of DSA signature algorithm for certificate
	    signatures.
	11. Implementation for MD2, MD5 and SHA message digest algorithms.
	12. Implementation of ASN.1 DER encoding/decoding.
	13. SunScreen(tm) SKIP compatibility mode.
	14. Implementation of hashed public keys as defined in the SKIP 
	    draft.  Implementation of programs to generate hashed public
	    keys.
	15. Certificate utilities to convert X.509 Certificates to hashed
	    keys and  print both X.509 and Hashed certificates.
	16. High performance Big Number library for Diffie-Hellman 
	    calculations.
	17. Implementation is effectively "public domain" and may be used both 
	    commercially and non-commercially.
	18. Patent Agreement with Cylink allows roylaty-free use of the 
            Diffie-Hellman and other Stanford patents with this package for 
	    commercial and non-commercial use.  Read README.PATENT for 
	    some restrictions.
	19. Inclusion of prime generation program used to generate the 
	    primes in SKIP draft.

Release Notes
-------------
Here are the release notes for this Alpha 2 release of the SKIP source.

	1.  This release is a bug fix release for Alpha-1.  Major areas
	    of change include:
			o Fix ESP and AH protocol numbers.
			o Fix Unsigned DH Public encoding.
			o Remove truncatation of shared secret (for this
			  release only).
			o Various other Bug fixes.
			o Fix Triple DES.

	2.  This release does not interoperate with Alpha-1.   Alpha-1
	    sites should upgrade.  Alpha-1 had a bug where unsigned public
	    keys were being encoded incorrectly.  Therefore, unsigned DH 
	    keys generated with alpha-1 do not work with Alpha-2.  
	    Regenerate your unsigned public keys.  X509 Certificates from
	    alpha-1 will continue to work.

	3.  This release interoperates with Swiss ETH SKIP using unsigned
	    DH keys and DES and triple DES.  It was tested at the Dallas 
	    1995 IETF.  However, the certificate discovery protocol does 
	    not interoperate.  This will be fixed in the next release.

	4.  This release does not fully comply with the SKIP drafts.   It
	    is closest to the 05 version of the draft.  However, the shared
	    secret is not truncated according to that draft.  This change is
	    made to interoperate with the ETH implementation.  The next
	    release will correspond to the 06 draft. 
	    
	5.  Authentication via AH is not yet implemented.  It will be 
 	    implemented in the next release.

	6.  X.509 Certificates are supported, but only with DSA signatures. 
	    If you need to use other signatures algorithms with X.509
	    certificates, you'll have to add them yourself.  Note: Read 
	    the Patent license statement carefully before adding additional 
	    signature algorithms.   

	7.  The Certificate library cannot verify RSA signatures.   
	    It will assume an RSA signed certificate is good without 
	    verifying, but will print a warning on the console to this
	    effect.  This "accept without verifying" behavior can be
	    turned off in certs/lib/Sig.C

	8.  The system currently only supports 1 local secret.  Therefore,
	    systems you talk to will have to have the same Diffie-Hellman
	    parameters as you.  All of your certificates will have to be
	    based on that secret.  Also, this release does not  support
	    "slotting" (multiple root Certificates) or Chaining (CA's which
	    sign other CA's certificates, which sign other certificates, and
	    so on).  You may have one X.509 Certificate (my_X509_cert) and 
	    one certificate from the CA which signed it (CA_Cert).  Full 
	    slotting and chaining may be implemented in a future release.

	9.  The secret is currently kept in the clear.  The file 
	    /etc/skip/my_secret_i contains your private key.  It is not 
	    encrypted.  Protect it well.  In a future release, this will
	    be encrypted.  The key manager may optionally store calculated
	    secrets in an on-disk cache.   This cache is also stored in 
	    the clear.  Protect it as you would my_secret_i.

	10. This release will only use encapsulation mode.  Transport mode
 	    is not supported in this release.

	11. CRLs (Certificate Revocation Lists) have not been ported to 
	    GCC/LIBG++.  This will be fixed in a future release.

	12. While this release is protocol compatible with the Sun
	    SunScreen product, the certificates are incompatible.  If
	    you are a SunScreen customer and wish to use this with the
	    SunScreen, please contact Sun ICG at sunscreen@incog.com.
 
	13. The algorithm discovery message as defined in the SKIP draft has
	    not yet been implemented.  This means that one host has no way
	    of telling another host which encryption algorithms it supports.
	    Encryption algorithms must be negotiated out of band.  The 
	    algorithm discovery message will be implemented in a future 
	    release.
	   
	14. SKIP multicast is not implemented in this release.
	
	15. The certificate discovery protocol uses two UDP ports to send
	    cleartext traffic.  These ports are 6455 and 6456.  Data sent
	    over these ports is not encrypted.


Note to Users of SKIP 1.0 for Solaris
-------------------------------------
This release is protocol compatible with SKIP 1.0 for Solaris when it is
in SunScreen compatibility mode.  However, there are incompatibilities 
which you will bump into:
	1.  Incompatible Certificate Signature Algorithms
		Skip 1.0 for Solaris used RSA signed certificates.
		This release does NOT implement RSA signatures, so your
		previous certificates can not be verified.  Good or
		bad, the system will assume that the RSA certificate is
		OK and print a warning when it tries to verify.  SKIP
		1.0 for Solaris will NOT be able to decode DSA signed
		certificates and will reject them.  The best solution 
		is to upgrade to SKIP 2.0 for Solaris.

	2. The RC2 & RC4 algorithms from RSA Data Security, Inc. are 
	   not included in this release. 

	3. The Certificate Discovery protocol is completely incompatible.

	4. The caping command has been renamed to certreq.

How to Build this Release for 4.x
---------------------------------
This release of source code to implement SKIP on a SunOs 4.1.3 machine
has been tested with SunPro 3.0.1 and GCC 2.6.3 compilers on SunOS
4.1.3U1.  It has been marginally tested with GCC 2.7.1.  It has been 
tested on both Sun4m and Sun4c machines.  If you're squeamish about 
building from source, compiled binaries are also available
on http://skip.incog.com.

The software is written in C and C++.  The kernel modules are written
in C and the user programs in C and C++.  The C++ code requires a class
library which provides strings and linked lists.  For SunPro users, the
RogueWave tools++ library has been used for these function.  GCC users
can use libg++ for these classes.  The Makefile will tell the compiler
which library you are using.

GCC Warning: You must use a GCC compiler which has been compiled on the
	     same architecture (Sun4m or Sun4c) where you are building
	     the SKIP package.  A GCC compiler built on a Sun4c but being
	     run on a Sun4m will generate erroneous code.  

To build it:

	1. Unpack the source in an empty directory:
		zcat skipA1-4.1.3.tar.Z |tar -xvf -

	2. The Makefile as shipped is set up to use the SunPro compiler 
	   and Rogue Wave.    If you wish to change this to GCC, the
	   file Makefile.defs contains all configuration information for
	   this package.  The variable COMP_OS4 may be set to gnu for
	   GCC or sunpro for Sun's SunPro compiler).

	3. When everything is setup, type "make".  The system should build. 
	   If you've built from the top, a package will be made in 
	   mkpkgs/4bin.sun4.  The package is called skip.tar.Z.  
	   
	4. To install this, copy skip.tar.Z to somewhere accessible and 
	   cd /usr.  We'll assume you put skip.tar.Z in /usr. Unpack the 
	   archive with:
	   		zcat skip.tar.Z | tar -xvf -

	   This should create a hierarchy under /usr/skip.  
	   
	5. Change directory to /usr/skip and install with: sh ./install.skip  
	   This script will set your kernel up to install skip and copy 
	   files into place.

For information on setting up keys, please see the Users guide. 
It has been provided in html, postscript and text format.  The postscript 
version contains screen snapshots which will make installation and 
operation easier.

Running the SKIP Reference Implementation
-----------------------------------------

Please see the User's Guide or the online manual on http://skip.incog.com 
for information on running this release.

Overview of the Source
----------------------
This source release consists of 3 major pieces:

	1. The SKIP End-System. (skip/...)
	2. The Certificate Library. (certs/...)
	3. BigNum library.  (bnlib/...)

The best way to explore the source is to use the ROADMAP files setup in
the directories.  They try to explain what each file and directory below
them does.   

--------------------------------------------
Special note on Primes used in the SKIP Draft
--------------------------------------------
The prime numbers specified in the SKIP draft for "p" were generated using
the BN package included in this release.  To regenerate these primes yourself,
run the dhtest program located in bnlib/test directory.  The file Gandhi 
contains the seed used to generate the prime.  To recreate these primes, do
something like this:

	example% 4bin.sun4/dhtest `cat Gandhi`


