===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/crypto.html,v
retrieving revision 1.86
retrieving revision 1.87
diff -u -r1.86 -r1.87
--- www/crypto.html 2001/06/26 11:46:14 1.86
+++ www/crypto.html 2001/06/27 11:51:21 1.87
@@ -79,11 +79,11 @@
-OpenBSD was the first operating system to ship with an IPSEC stack.
-We've been including IPSEC since early OpenBSD 2.1 release in 1997.
-Our fully conformant in-kernel IPSEC stack, with hardware acceleration
+OpenBSD was the first operating system to ship with an IPsec stack.
+We've been including IPsec since early OpenBSD 2.1 release in 1997.
+Our fully conformant in-kernel IPsec stack, with hardware acceleration
based on a number of cards, and our own free ISAKMP daemon, is used as
-one of the machines in the IPSEC conformance testbed run by
+one of the machines in the IPsec conformance testbed run by
VPNC.
@@ -189,7 +189,7 @@
Stronger temporary names for mktemp(3) and mkstemp(3)
Randomness added to the TCP ISS value for protection against
spoofing attacks.
-random padding in IPSEC esp_old packets.
+random padding in IPsec esp_old packets.
To generate salts for the various password algorithms.
For generating fake S/Key challenges.
In photurisd
@@ -216,7 +216,7 @@
- In S/Key
to provide one time passwords.
-
- In IPSEC,
+
- In IPsec,
photurisd
and
isakmpd(8)
@@ -248,7 +248,7 @@
passwords. See also the USENIX paper
on this topic.
- In
- IPSEC
+ IPsec
to provide confidentiality for the network layer.
- In Kerberos and a handful of kerberized applications, like
telnet,
@@ -260,7 +260,7 @@
- In
photurisd and
isakmpd
- to protect the exchanges where IPSEC key material is negotiated.
+ to protect the exchanges where IPsec key material is negotiated.
- In AFS to protect the messages passing over the network, providing
confidentiality of remote filesystem access.
- In libssl to let applications communicate over the de-facto standard
@@ -274,9 +274,9 @@
OpenBSD, starting with 2.7, has begun supporting some cryptography hardware
such as accelerators and random number generators.
-- IPSEC crypto dequeue
- Our IPSEC stack has been modified so that cryptographic functions get
- done out-of-line. Most simple software IPSEC stacks need to do
+ - IPsec crypto dequeue
+ Our IPsec stack has been modified so that cryptographic functions get
+ done out-of-line. Most simple software IPsec stacks need to do
cryptography when processing each packet. This results in synchronous
performance. To use hardware properly and speedily one needs to separate
these two components, as we have done. Actually, doing this gains some
@@ -294,7 +294,7 @@
stable. We wrote our own driver for supporting this chip, rather
than using the (USA-written)
powercrypt driver, as well
- our driver links in properly to the IPSEC stack.
+ our driver links in properly to the IPsec stack.
The 7751 is now considered slow by industry standards and many vendors
have faster chips (even HiFn now has a faster but more expensive
chip). Peak performance with 3DES SHA1 ESP is around 63MBit/sec.
@@ -357,10 +357,10 @@
has now been integrated once we were able to get a free license on the
microcode. We have also received (all?) the information needed for
supporting the cryptographic functions, which will require a little bit of
- IPSEC subsystem rearranging. Check back later..
+ IPsec subsystem rearranging. Check back later..
-
- Intel IPSEC card
+ - Intel IPsec card
Much like Intel does for all their networking division components, and
completely unlike most other vendors, Intel steadfastly refuse to provide
us with documentation. We have talked to about five technical people who
@@ -376,7 +376,7 @@
-
Intel 82802AB/82802AC Firmware Hub RNG
The 82802 FWH chip (found on i810, i820, i840, i850, and i860 motherboards)
- contains a random number generator (RNG). High-performance IPSEC
+ contains a random number generator (RNG). High-performance IPsec
requires more random number entropy. As of April 10, 2000, we support
the RNG. We will add support for other RNG's found on crypto chips.
@@ -447,7 +447,7 @@
www@openbsd.org
-$OpenBSD: crypto.html,v 1.86 2001/06/26 11:46:14 brad Exp $
+$OpenBSD: crypto.html,v 1.87 2001/06/27 11:51:21 brad Exp $