Print this page
5782 ike.config(4) needs additional oakley_group numbers

Split Close
Expand all
Collapse all
          --- old/usr/src/man/man4/ike.config.4
          +++ new/usr/src/man/man4/ike.config.4
   1    1  '\" te
   2    2  .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
        3 +.\" Copyright (c) 2015, Circonus, Inc. All Rights Reserved.
   3    4  .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
   4    5  .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
   5    6  .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   6    7  .TH IKE.CONFIG 4 "Apr 27, 2009"
   7    8  .SH NAME
   8    9  ike.config \- configuration file for IKE policy
   9   10  .SH SYNOPSIS
  10   11  .LP
  11   12  .nf
  12   13  \fB/etc/inet/ike/config\fR
↓ open down ↓ 550 lines elided ↑ open up ↑
 563  564  optional, elements in the parameter-list must occur exactly once within a given
 564  565  transform's parameter-list:
 565  566  .sp
 566  567  .ne 2
 567  568  .na
 568  569  \fBoakley_group \fInumber\fR\fR
 569  570  .ad
 570  571  .sp .6
 571  572  .RS 4n
 572  573  The Oakley Diffie-Hellman group used for IKE SA key derivation. The group
 573      -numbers are defined in RFC 2409, Appendix A, and RFC 3526. Acceptable values
 574      -are currently:
      574 +numbers are defined in RFC 2409, Appendix A, RFC 3526, and RFC 5114, section
      575 +3.2. Acceptable values are currently:
 575  576  .br
 576  577  .in +2
 577      -1 (768-bit)
      578 +1 (MODP 768-bit)
 578  579  .in -2
 579  580  .br
 580  581  .in +2
 581      -2 (1024-bit)
      582 +2 (MODP 1024-bit)
 582  583  .in -2
 583  584  .br
 584  585  .in +2
 585      -5 (1536-bit)
      586 +3 (EC2N 155-bit)
 586  587  .in -2
 587  588  .br
 588  589  .in +2
 589      -14 (2048-bit)
      590 +4 (EC2N 185-bit)
 590  591  .in -2
 591  592  .br
 592  593  .in +2
 593      -15 (3072-bit)
      594 +5 (MODP 1536-bit)
 594  595  .in -2
 595  596  .br
 596  597  .in +2
 597      -16 (4096-bit)
      598 +14 (MODP 2048-bit)
 598  599  .in -2
      600 +.br
      601 +.in +2
      602 +15 (MODP 3072-bit)
      603 +.in -2
      604 +.br
      605 +.in +2
      606 +16 (MODP 4096-bit)
      607 +.in -2
      608 +.br
      609 +.in +2
      610 +17 (MODP 6144-bit)
      611 +.in -2
      612 +.br
      613 +.in +2
      614 +18 (MODP 8192-bit)
      615 +.in -2
      616 +.br
      617 +.in +2
      618 +19 (ECP 256-bit)
      619 +.in -2
      620 +.br
      621 +.in +2
      622 +20 (ECP 384-bit)
      623 +.in -2
      624 +.br
      625 +.in +2
      626 +21 (ECP 521-bit)
      627 +.in -2
      628 +.br
      629 +.in +2
      630 +22 (MODP 1024-bit, with 160-bit Prime Order Subgroup)
      631 +.in -2
      632 +.br
      633 +.in +2
      634 +23 (MODP 2048-bit, with 224-bit Prime Order Subgroup)
      635 +.in -2
      636 +.br
      637 +.in +2
      638 +24 (MODP 2048-bit, with 256-bit Prime Order Subgroup)
      639 +.in -2
      640 +.br
      641 +.in +2
      642 +25 (ECP 192-bit)
      643 +.in -2
      644 +.br
      645 +.in +2
      646 +26 (ECP 224-bit)
      647 +.in -2
 599  648  .RE
 600  649  
 601  650  .sp
 602  651  .ne 2
 603  652  .na
 604  653  \fBencr_alg {3des, 3des-cbc, blowfish, blowfish-cdc, des, des-cbc, aes,
 605  654  aes-cbc}\fR
 606  655  .ad
 607  656  .sp .6
 608  657  .RS 4n
↓ open down ↓ 531 lines elided ↑ open up ↑
1140 1189  November 1998.
1141 1190  .sp
1142 1191  .LP
1143 1192  Piper, Derrell. \fIRFC 2407, The Internet IP Security Domain of Interpretation
1144 1193  for ISAKMP\fR. Network Alchemy. Santa Cruz, California. November 1998.
1145 1194  .sp
1146 1195  .LP
1147 1196  Kivinen, T. \fIRFC 3526, More Modular Exponential (MODP) Diffie-Hellman Groups
1148 1197  for Internet Key Exchange (IKE)\fR. The Internet Society, Network Working
1149 1198  Group. May 2003.
     1199 +.sp
     1200 +.LP
     1201 +Lepinksi, M. and Kent, S. \fIRFC 5114, Additional Diffie-Hellman Groups for Use
     1202 +with IETF Standards\fR. BBN Technologies, January 2008.
    
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX