In article <1.5.4.32.19970529230949.00937498@pop.pipeline.com>, John Young <jya@pipeline.com> wrote:
For two years, the IETF Security Group has labored to hammer out the IP Security (IPSec) protocol, a standard way that businesses can open up an encrypted link to a trading partner's network. [...]
But an unresolved, bitter dispute over the technique for automatically swapping keys over the 'Net - referred to as key management - has resulted in two incompatible schemes in the IPSec specification.
In this battle of the acronyms, the debate centers on the Simple Key Management for IP (SKIP), developed by Sun Microsystems, Inc., and the Internet Secure Association Key Management Protocol (ISAKMP), developed by the National Security Agency.
Heh. This article is way behind the times. (Either that, or the reporter has been listening too closely to Sun marketing hype.) ISAKMP/Oakley has been endorsed as the mandatory-to-support key management standard for ipsec. Proposals to make SKIP mandatory were explicitly rejected. The bitter debate is over, and ISAKMP/Oakley won.
The link is encrypted after authentication by means of an X.509 digital certificate at an IPSec-based firewall or gateway.
Hoo boy is this reporter clueless! Don't you believe it for even an instant.