[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: request


>The standard known as ISAKMP/Oakley is now known as IKE


>The standard known as IKE does not specifically exactly conform to the
>standard known as ISAKMP/Oakley
>Manufacturers have adopted IKE in order to satisfy customer needs rather
>than try to comply with the full ISAKMP/Oakley standard
>IKE and ISAKMP/Oakley are not the same standard as viewed from the RFC,
>IKE is a subset of the original standard that for all intents and
>purposes is the same thing in practical applications.

These statements are partially incorrect and misleading.  What you may have
meant is that IKE does not implement all of ISAKMP or all of Oakley.  That's
certainly true.  However, IKE is ISAKMP/Oakley and is _the_ key exchange
mechanism that the IETF adopted.  All we did was shorten its name to make it
more pronouncable.  We published the Oakley draft as an RFC because it
provides important background and justification for the security of the IKE
key exchange protocol.

>You will hear IKE and ISAKMP/Oakley used interchangeably

Actually, few people speak of ISAKMP/Oakley anymore.