Photuris Test Server

A test implementation of the Photuris Session-Key Management Protocol used to run on the host

wserver.physnet.uni-hamburg.de:7468.

The test server implements the Photuris protocol as of RFC-2522. Photuris can be used to generate session keys and establish Security Associations for IPSec, for example to establish VPNs (Virtual Private Networks).

This host is multi homed so most likely you will see a response from www-phys.rrz.uni-hamburg.de.

If you do not run OpenBSD, you need the following sources:

The Photuris sources have been committed to the OpenBSD source repository. You can find the most recent version always there. Get cvs and run the command:
```
     cvs -d anoncvs@anoncvs.uk.openbsd.org:/cvs -z 9 get src/sbin/photurisd
```

A quick note on how to get Photuris working on OpenBSD prior version 2.2, which might be interesting for people who try to get Photuris working on another operating system. Since OpenBSD 2.2 Photuris is integrated as part of the operating system.

At the moment the Identity Exchange

	Cookie Request   ->
	                 <- Cookie Response

	Value Request    ->
	                 <- Value Response

	Identity Request ->
	                 <- Identity Response

and SPI Updates are supported:

	SPI Update       ->
	                 <- SPI Update

SPI Needed Messages are handled and acted upon.

The daemon is running with the following configuration files

photuris.conf - bootstrap moduli and schemes
attributes.conf - offered attributes
secrets.conf - shared symmetric secrets

The timeout periods are drastically reduced. An exchange times out after three minutes.

Here is the output of the daemon so far: photuris.out and photuris.err.