Last update:  12/10/06 (DD/MM/YY)

This page has been written considering the project "done". Maybe I should have set all verbs to future in order to stay humble... but it sure will make people more enthusiastic about our project like this ^^.

Feel free to send me all your comments either on my approximative English or on the project itself. Please consider joining the project if you feel you can bring some help (knowledge of how to lead an opensource projects, of law, of concepts involved in decentVPN (security and network programming), etc). At the moment, we should have basic theorical knowledge needed about encryption and tunneling/VPN. But we aren't experts... And maybe we won't be talented enough to realize all the feature referenced in the "in later releases" section. But theses later features would make decentVPN pretty fantastic even if they aren't in our primary objectives ^^

For the moment, we haven't officially launched and referenced the project (inscription to SourceForge has just completed). The beginning of all of this is here. Sorry it's still yet in the French section of the Gentoo Linux Forum

Project Team so far (roles will be specified later):


I- Description

Who is it intended for?

What does it do?

Why this project?

Why do we need to start up this project? Answers are on this page.

II- Features List

III- How it works (or it should do)

The following explanations don't cover the features from the "In later releases" section.

3.1- Server

3.2- Client

IV- Development planification

At a first view, decentVPN will make heavy use of OpenSSL and its EVP interface. OpenVPN will be of a great help, either we decide to fork decentVPN from this project or we start from scratch and take portions of code from it. Involved libraries will include at least libpcap, libnet, and SRP API.
For the moment, no GUI is planed, but this point is open. In my humble view, a web interface for server side would be great, and a portable interface in gtk (or qt?) would do it for client side.

4.1 Network interactions

Authentication always succeed, a blank key is always generated between clients. Communications between server and clients aren't ciphered.
IP allocations and routing should be fully effective.
DecentVPN messages format must be defined.

4.2 Authentication method

Implementation of SRP protocol authentication.
Maybe the SSL one too.
Client/Server session keys must be generated accordingly to the authentication method.
Clients management on server effective.

4.3 Ciphering effective

Server generate a non null key for client-to-client connection.
Communication between all nodes (C-to-C, S-to-C) ares now ciphered.

4.4 Working on a fully distributed VPN, aka no server mode

We'll see then ^^