Crypto Disputes

David Wagner daw at cs.berkeley.edu
Fri May 30 14:33:46 PDT 1997


In article <1.5.4.32.19970529230949.00937498 at pop.pipeline.com>,
John Young  <jya at pipeline.com> wrote:
>      For two years, the IETF Security Group has labored to
>      hammer out the IP Security (IPSec) protocol, a standard way
>      that businesses can open up an encrypted link to a trading
>      partner's network. [...]
> 
>      But an unresolved, bitter dispute over the technique for
>      automatically swapping keys over the 'Net - referred to as
>      key management - has resulted in two incompatible schemes
>      in the IPSec specification.
> 
>      In this battle of the acronyms, the debate centers on the
>      Simple Key Management for IP (SKIP), developed by Sun
>      Microsystems, Inc., and the Internet Secure Association Key
>      Management Protocol (ISAKMP), developed by the National
>      Security Agency. 

Heh.  This article is way behind the times.  (Either that, or the reporter
has been listening too closely to Sun marketing hype.)

ISAKMP/Oakley has been endorsed as the mandatory-to-support key management
standard for ipsec.  Proposals to make SKIP mandatory were explicitly rejected.

The bitter debate is over, and ISAKMP/Oakley won.

>                         The link is encrypted after authentication
>      by means of an X.509 digital certificate at an IPSec-based
>      firewall or gateway. 

Hoo boy is this reporter clueless!  Don't you believe it for even an instant.







More information about the cypherpunks-legacy mailing list