inspected and approved. He said that they were going to do this, again I quote, "using the same encryption that Visa and Mastercard use." The last statment pegged my bogometer, of course.

Sounds distinctly bogus to me...

1) Is it technically possible for them to limit access to only approved IP addresses? If so, how can they do this, and is it possible to get around these measures.

Yes, there are a number of ways probably the easiest of which would be a proxy server. A number of corporations have these set up so their employees spend more time looking at relevant information and less looking at porn sites ;-)

3) In general, how would you use crypto to ensure that your users only connected to approved sites, regardless of the platform or browser software they were using?

I assume here he means that the pages will be encrypted at the ISP end and the browser will only decrypt the pages the user logged on at that time has access to. This all sounds very confused to me, he is talking bollocks I would wager.

I asked the guy to send me some technical details. If I receive them, I'll share unless he makes me sign an NDA.

I would be interested to see them but would guess at this point he doesn`t quite understand what he`s talking about himself... Datacomms Technologies web authoring and data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: 5BBFAEB1 "Don`t forget to mount a scratch monkey"