Re: Patents to be placed in PD
-----BEGIN PGP SIGNED MESSAGE-----

A number of people have asked me what SKIP is.

IBM's patent covered modular key management in a manner that isn't clear to me.

SKIP is Simple Key management for Internet Protocols: it's an elegant key management system that uses Diffie-Hellman public keys (Aziz notes that any DH-like scheme will work). The IPsec folks wanted (or just were considering it?) to use it in their secure IP work, but were balking at the patent status.

Here's how to get the draft (I don't understand it well enough yet to do it justice in a summary):

- --NextPart

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Internet Protocol Security Protocol Working Group of the IETF.

Title     : Simple Key-Management For Internet Protocols (SKIP)
Author(s) : A. Aziz
Filename  : draft-ietf-ipsec-aziz-skip-00.txt
Pages     : 17
Date      : 10/26/1994

There are occasions where it is advantageous to put authenticity and privacy features at the network layer. The vast majority of the privacy and authentication protocols in the literature deal with session oriented key-management schemes. However, many of the commonly used network layer protocols (e.g IP and IPv6) are session-less datagram oriented protocols. We describe a key-management scheme that is particularly well suited for use in conjunction with a session-less datagram protocol like IP or IPv6.

We also describe a simple extension of this protocol to provide scalable group key-management for Internet multicasting protocols.

SKIP is designed to be plugged into the IP Security Protocol (IPSP) or IPv6. This draft describes how to use SKIP in the context of the IPSP.

Internet-Drafts are available by anonymous FTP. Login with the username "anonymous" and password "guest". After logging in, Type "cd internet-drafts". "get draft-ietf-ipsec-aziz-skip-00.txt".

Internet-Drafts directories are located at:

o US East Coast Address: ds.internic.net (198.49.45.10)
o US West Coast Address: ftp.isi.edu (128.9.0.32)
o Pacific Rim Address: munnari.oz.au (128.250.1.21)
o Europe Address: nic.nordu.net (192.36.148.17)

Internet-Drafts are also available by mail.

Send a message to: mailserv@ds.internic.net. In the body type: "FILE /internet-drafts/draft-ietf-ipsec-aziz-skip-00.txt".

NOTE: The mail server at ds.internic.net can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e., documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages.

For questions, please mail to Internet-Drafts@cnri.reston.va.us.

Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.

- --NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

- --OtherAccess
Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ds.internic.net"

Content-Type: text/plain
Content-ID: <19941026102713.I-D@CNRI.Reston.VA.US>

ENCODING mime
FILE /internet-drafts/draft-ietf-ipsec-aziz-skip-00.txt

- --OtherAccess
Content-Type: Message/External-body; name="draft-ietf-ipsec-aziz-skip-00.txt"; site="ds.internic.net"; access-type="anon-ftp"; directory="internet-drafts"

Content-Type: text/plain
Content-ID: <19941026102713.I-D@CNRI.Reston.VA.US>

- --OtherAccess--

- --NextPart--

- ---
[This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.]
-----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBLuS0XioZzwIn1bdtAQHJzQGA0MVuRr2weN8u058zZD0wzkjTtYadtYiH Ybgztk2dRevg44wvwYSHOgn6+qFYh7Pa =M7Om -----END PGP SIGNATURE-----
"L. Todd Masco" says:
> IBM's patent covered modular key management in a manner that isn't clear to me.
Not just you; the opinion of some of the IBMers there was that they didn't think it covered their proposal, either.
> SKIP is Simple Key management for Internet Protocols: it's an elegant key management system that uses Diffie-Hellman public keys (Aziz notes that any DH-like scheme will work). The IPsec folks wanted (or just were considering it?) to use it in their secure IP work, but were balking at the patent status.
Just considering it. In my opinion, none of the existing key management proposals is sufficient. They all have the feature that very good cryptographers have sweated over the cryptography in them but that the systems don't attach enough information to the resultant security associations to permit you to actually write secure applications, which in the end makes the exercise less than completely successful.

.pm
participants (2)
- L. Todd Masco
- Perry E. Metzger