"L. Todd Masco" says:
IBM's patent covered modular key management in a manner that isn't clear to me.
Not just you; the opinion of some of the IBMers there was that they didn't think it covered their proposal, either.
SKIP is Simple Key management for Internet Protocols: it's an elegant key management system that uses Diffie-Hellman public keys (Aziz notes that any DH-like scheme will work). The IPsec folks wanted (or just were considering it?) to use it in their secure IP work, but were balking at the patent status.
Just considering it. In my opinion, none of the existing key management proposals is sufficient. They all have the feature that very good cryptographers have sweated over the cryptography in them but that the systems don't attach enough information to the resultant security associations to permit you to actually write secure applications, which in the end makes the excercise less than completely successfull. .pm