I'm sending you this message because you might be interested in helping to build or test or document, or teach about, my S/WAN project to secure 5% of the net by Christmas. There is now a public mailing list which you can join to find out what's happening in the project, get the latest software for testing, ask questions, etc. To join the list, send mail to: linux-ipsec-REQUEST@clinet.fi The email should contain a single line that just says: subscribe This mailing list will have discussions, not just announcements, and will be very technical (not political or social). The S/WAN project's goal is to provide free software that makes it easy to encrypt a site's net traffic automatically, and to encourage acceptance and deployment of this software. My original timetable aimed to have 5% of the net encrypted by Christmas. We will not meet this goal; it was romantic, but very ambitious. Instead, my current goal is to have our first complete software release available by Christmas, which people can use to encrypt 5% of the net in the following months. This is still an ambitious goal. In case you haven't been following developments in the project, there's a new version of the Domain Name System BIND code that you can install to enable your site to publish its keys to the net. Our software to USE the keys isn't ready yet -- but it usually takes weeks or months to get your domain administrator to update their version of BIND, so it's a great idea to get them started now. There's also a very new test version of the Linux kernel code that implements low-level packet encryption. This code requires manual configuration, and only implements single-DES rather than triple-DES. It has a long way to go. But it enables you to manually set up encrypted tunnels to other sites around the Internet (such as other sites in your company, or which you collaborate with). Shaking out this layer and making it solid and bulletproof is important, so we can depend on it as we build the higher layers that provide encrypting tunnels automatically and opportunistically. Details on how to get the test software are in the web page at: http://www.cygnus.com/~gnu/swan.html I hope that having a mailing list for the helpers and implementers will make it easier for everyone to stay up to date, and easier for everyone to contribute. If we all push in the same direction, we may have 5% of the net traffic encrypted by Easter... John Gilmore PS: The new Linux-IPSEC mailing list is graciously hosted in Finland by Tatu Ylonen, author of ssh, another good piece of cryptographic software. Linux is the free operating system on which the project is being built. IPSEC is the set of (Internet Protocol SECurity) protocols which add packet-level encryption to TCP/IP.