Subject: security/9672: racoon(8) documentation needs serious help
To: None <gnats-bugs@gnats.netbsd.org>
From: None <root@ihack.net>
List: netbsd-bugs
Date: 03/24/2000 06:18:05
>Number:         9672
>Category:       security
>Synopsis:       racoon(8) documentation needs serious help
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    security-officer (NetBSD Security Officer)
>State:          open
>Class:          doc-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Mar 24 06:18:00 2000
>Last-Modified:
>Originator:     Charles M. Hannum
>Organization:
	Internetwork Hacker
>Release:        -current as of 20000321
>Environment:
	n/a

>Description:
	I have been unable to figure out how to configure racoon(8) from
	the documentation provided.  In particular:

	* The differences between the identifier types (fqdn, user_fqdn)
	  and what they mean to the remote system are not documented.

	* The location of the certificate file is not documented.

	* The format of the pre-shared-key file is not well defined.  (An
	  example would help.)

	* It is unclear whether I need a `remote' stanza, a `policy'
	  stanza, or both.  I get the *impression* that `remote'
	  corresponds to SAD entries, and `policy' corresponds to SPD
	  entries.

	* The documentation is all in Japanglish.

	This is making it difficult to configure racoon(8), and thus
	difficult to use IPsec.
			
>How-To-Repeat:
	Try to configure racoon(8).

>Fix:
	Not provided.
>Audit-Trail:
>Unformatted: