- Lean:
Provide a small and monolithic architecture that supports
the main standards and most important features of IKEv2.
Monolithic means that we do not even try to put lots of features in
lots of dynamic libraries.
- Clean:
Write readable and clean code following strict coding
style(9)
guidelines.
- Secure:
Implement secure code with strict validity checking, bounded buffer
operations, and privilege separation to mitigate the security risks of
possible bugs. Use strong cryptography with sane but secure defaults.
- Interoperable:
Provide good interoperability with other IKEv2 implementations, support
non-standard extensions if it is required to interoperate with other
major implementations.
- Configurable:
Make the configuration easy and nice with sane defaults, minimalistic
configuration files and good documentation in the manual pages. Avoid
the headaches of past and other IKE implementations.