-----BEGIN PGP SIGNED MESSAGE-----
Has anything been happening with swIPe lately? I seem to remember reading a couple of months ago that the protocol was being revised (simplified?) and that a new RFC was going to be released soon. What's the status of the project now?
== Alex Strasheim | finger astrashe@nyx.cs.du.edu alex@omaha.com | for my PGP 2.6.1. public key
-----BEGIN PGP SIGNATURE----- Version: 2.6.2
iQCVAwUBLuUFUREpP7+baaPtAQGKGQP/UN7bJfYOHIEdgV9uDnJLbJ00q4J/opLW KpDxF+yl4Nhld70YkMQ/xJ9CeGh0mrCNLz/O8nD4KLrJ87RnH2T1fMV6vdegEvxF CnDEOyRCSEa3kB3c1mkP5rtvW9PJF6GiqDkbaA86wa2usBkuv63mZjPc4EVLiZwY +0xew1PgMQs= =oHAW -----END PGP SIGNATURE-----
Well, if by swIPe you mean the standards-track IP security protocol, quite a bit. I'm not going to the next IETF meeting (perry?, phil?) but I understand that swIPe and friends have mutated into something that is very close to becoming an RFC. Key management is another story, with no general agreement as to what the requirements even are. My own feeling is that more experience is needed with network-layer security in general before the problems and tradeoffs of key managment in heterogeneous networks will emerge with any clarity. If you mean swIPe, the protocol described in Ioannidis and Blaze's draft RFC of last December, not much. There's an implementation floating around (I think on the ucb ftp server), but I don't know of anyone who's actively deploying it outside of closed systems. Now would is a very good time to play with this stuff, particularly with an eye toward understanding what the key management requirements are. Right now the future internet cryptographic security architecture is wide open, but that window is starting to close. -matt