[govpn.git] / doc / govpn.texi

\input texinfo
@setfilename govpn.info
@documentencoding UTF-8
@settitle GoVPN

@copying
This manual is for GoVPN -- simple secure free software virtual private
network daemon, aimed to be reviewable, secure, DPI/censorship-resistant,
written on Go.

Copyright @copyright{} 2014-2015 @email{stargrave@@stargrave.org, Sergey Matveev}

@quotation
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3
or any later version published by the Free Software Foundation;
with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
A copy of the license is included in the section entitled "Copying conditions".
@end quotation
@end copying

@node Top
@top GoVPN

GoVPN is simple secure free software virtual private network daemon,
aimed to be reviewable, secure and
@url{https://en.wikipedia.org/wiki/Deep_packet_inspection, DPI}/censorship-resistant.

@itemize @bullet
@item
Copylefted free software: licensed under
@url{https://www.gnu.org/licenses/gpl-3.0.html, GPLv3+}.
@item
Fast strong @ref{PAKE, password authenticated} augmented key agreement
(PAKE DH A-EKE) @ref{Handshake protocol, handshake}.
@item
Mutual two-side zero-knowledge peers authentication.
@item
@ref{Verifier structure, Augmented authentication tokens} resistant to
offline dictionary attacks. An attacker can not masquerade a client
even with server password verifiers compromising.
@item
Encrypted and authenticated @ref{Transport protocol, payload transport}
with 128-bit @ref{Developer manual, security margin} state-of-the-art
cryptography and censorship resistance (indistinguishability from noise).
@item
@url{https://en.wikipedia.org/wiki/Forward_secrecy, Perfect forward secrecy}
property.
@item
Replay attack protection (using one-time MACs).
@item
Built-in rehandshake (session key rotation) and heartbeat features.
@item
Ability to hide payload packets length with the @ref{Noise, noise} data.
@item
Ability to hide payload timestamps with @ref{CPR, constant packet rate}
traffic.
@item
Compatible with @url{http://egd.sourceforge.net/, EGD} (entropy
gathering daemon) PRNGs.
@item
Several simultaneous clients support with per-client configuration
options. Clients have pre-established @ref{Identity, identity} invisible
for third-parties (they are anonymous).
@item
Uses @url{https://en.wikipedia.org/wiki/TAP_(network_driver), TAP}
underlying network interfaces.
@item
Can use @ref{Network transport, UDP and TCP} or HTTP @ref{Proxy, proxies}
for accessing the server.
@item
Fully IPv4 and IPv6 compatible.
@item
Optional built-in HTTP-server for retrieving
@ref{Stats, statistics} information about known connected peers in
@url{http://json.org/, JSON} format.
@item
Written on on @url{http://golang.org/, Go} programming language with
simple code that can be read and reviewed.
@item
@url{https://www.gnu.org/, GNU}/Linux and
@url{http://www.freebsd.org/, FreeBSD} support.
@end itemize

@include media.texi

@menu
* News::
* Installation::
* Precautions::
* User manual::
* Developer manual::
* Contacts::
* Copying conditions::
* Thanks::
* TODO::
@end menu

@include news.texi
@include installation.texi
@include precautions.texi
@include user.texi
@include developer.texi
@include contacts.texi

@node Copying conditions
@unnumbered Copying conditions

@insertcopying
@verbatiminclude fdl.txt

@include thanks.texi
@include todo.texi
@bye