make clearer the relationship between isakmpd and ikev1; and iked and ikev2;

ok reyk

3 files changed, 24 insertions, 20 deletions

diff --git a/sbin/isakmpd/isakmpd.8 b/sbin/isakmpd/isakmpd.8
index 6244a41eb70..473b37bf2c4 100644
--- a/sbin/isakmpd/isakmpd.8
+++ b/sbin/isakmpd/isakmpd.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: isakmpd.8,v 1.106 2010/06/03 16:57:40 reyk Exp $
+.\" $OpenBSD: isakmpd.8,v 1.107 2010/06/07 08:38:09 jmc Exp $
 .\" $EOM: isakmpd.8,v 1.23 2000/05/02 00:30:23 niklas Exp $
 .\"
 .\" Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist.
@@ -30,7 +30,7 @@
 .\"
 .\" Manual page, using -mandoc macros
 .\"
-.Dd $Mdocdate: June 3 2010 $
+.Dd $Mdocdate: June 7 2010 $
 .Dt ISAKMPD 8
 .Os
 .Sh NAME
@@ -71,13 +71,15 @@ A newer, much simpler format is now available:
 .Nm
 implements the IKEv1 protocol which is defined in the standards
 ISAKMP/Oakley (RFC 2408), IKE (RFC 2409), and the Internet DOI (RFC 2407).
-The IKEv2 protocol,
+The newer IKEv2 protocol,
 as defined in RFC 4306,
 is not supported by
-.Nm ;
+.Nm
 but by
-.Xr iked 8
-instead.
+.Xr iked 8 .
+It follows then that references to IKE in this document
+pertain to IKEv1 only,
+and not IKEv2.
 .Pp
 The way
 .Nm
@@ -798,6 +800,7 @@ command is issued in the command FIFO.
 .Xr ipsec.conf 5 ,
 .Xr isakmpd.conf 5 ,
 .Xr isakmpd.policy 5 ,
+.Xr iked 8 ,
 .Xr sasyncd 8 ,
 .Xr ssl 8 ,
 .Xr tcpdump 8
@@ -827,9 +830,3 @@ For redundant setups,
 must be manually restarted every time
 .Nm
 is restarted.
-.Pp
-The IKEv2 protocol is not supported by
-.Nm ;
-but by
-.Xr iked 8
-instead.
diff --git a/sbin/isakmpd/isakmpd.conf.5 b/sbin/isakmpd/isakmpd.conf.5
index 706df3c15fb..5dd337e79bd 100644
--- a/sbin/isakmpd/isakmpd.conf.5
+++ b/sbin/isakmpd/isakmpd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: isakmpd.conf.5,v 1.125 2008/02/17 10:36:32 hshoexer Exp $
+.\" $OpenBSD: isakmpd.conf.5,v 1.126 2010/06/07 08:38:09 jmc Exp $
 .\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $
 .\"
 .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist.  All rights reserved.
@@ -28,7 +28,7 @@
 .\"
 .\" Manual page, using -mandoc macros
 .\"
-.Dd $Mdocdate: February 17 2008 $
+.Dd $Mdocdate: June 7 2010 $
 .Dt ISAKMPD.CONF 5
 .Os
 .Sh NAME
@@ -926,7 +926,7 @@ configuration file.
 .Sh EXAMPLES
 An example of a configuration file:
 .Bd -literal
-# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
+# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKEv1) daemon.
 
 [General]
 Listen-on=		10.1.0.2
diff --git a/sbin/isakmpd/isakmpd.policy.5 b/sbin/isakmpd/isakmpd.policy.5
index b37ec6ce9d7..1e1197ddb8c 100644
--- a/sbin/isakmpd/isakmpd.policy.5
+++ b/sbin/isakmpd/isakmpd.policy.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: isakmpd.policy.5,v 1.43 2010/04/06 06:46:30 jmc Exp $
+.\" $OpenBSD: isakmpd.policy.5,v 1.44 2010/06/07 08:38:09 jmc Exp $
 .\" $EOM: isakmpd.policy.5,v 1.24 2000/11/23 12:55:25 niklas Exp $
 .\"
 .\" Copyright (c) 1999-2001, Angelos D. Keromytis.  All rights reserved.
@@ -26,7 +26,7 @@
 .\"
 .\" Manual page, using -mandoc macros
 .\"
-.Dd $Mdocdate: April 6 2010 $
+.Dd $Mdocdate: June 7 2010 $
 .Dt ISAKMPD.POLICY 5
 .Os
 .Sh NAME
@@ -39,13 +39,20 @@ is the policy configuration file for the
 daemon, managing security association and key management for the
 .Xr ipsec 4
 layer of the kernel's networking stack.
-.Pp
 The
 .Xr isakmpd 8
-daemon (also known as IKE, for Internet Key Exchange) is used when two
+daemon,
+also known as the IKEv1 key management daemon,
+implements the Internet Key Exchange version 1 (IKEv1) protocol.
+It follows then that references to IKE in this document
+pertain to IKEv1 only,
+and not IKEv2.
+.Pp
+.Xr isakmpd 8
+is used when two
 systems need to automatically set up a pair of Security Associations
 (SAs) for secure communication using IPsec.
-IKE operates in two stages:
+IKEv1 operates in two stages:
 .Pp
 In the first stage (Main or Identity Protection Mode), the two IKE
 daemons establish a secure link between themselves, fully