security: Update README.md

This adds more information into the `security/README.md` file detailing what exactly the OPI Security APIs are currently targeting, and the proposed architecture around the IPsec portion of the APIs. Signed-off-by: Kyle Mestery <mestery@mestery.com>
opiproject · Aug 29, 2022 · 68c5bfd · 68c5bfd
1 parent 2002928
commit 68c5bfd
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/security/README.md b/security/README.md
@@ -1,5 +1,18 @@
 # OPI Security APIs
 
+The OPI Security APIs are currently focusing on implementing an IPsec API which
+maps on top of the [strongSwan](https://www.strongswan.org)
+[vici Plugin](https://docs.strongswan.org/docs/5.9/plugins/vici.html). For
+more details on the vici API, you can look at the strongSwan documentation
+found [here](https://github.com/strongswan/strongswan/blob/master/src/libcharon/plugins/vici/README.md).
+
+The architecture is seen in the diagram below.
+
+![OPI IPsec Security Architecture](sec-architecture.drawio.png)
+
+The idea here is that DPU and IPU vendors will implement strongSwan plugins to
+offload the tunnels into hardware.
+
 ## OPI Security API Spec
 
 The [Security Spec](security-spec.md) is the best place for up to date information on the OPI

diff --git a/security/sec-architecture.drawio.png b/security/sec-architecture.drawio.png