[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: request

That is what I meant to say, exactly. Thanks for the clarification.

Scott Davidson
Central US Systems Engineer
NOKIA IPRG US Sales - Dallas

-----Original Message-----
From: owner-ipsec@lists.tislabs.com
[mailto:owner-ipsec@lists.tislabs.com]On Behalf Of Derrell D. Piper
Sent: Thursday, October 14, 1999 11:03 PM
To: scott.davidson@iprg.nokia.com
Cc: jerome@psti.com; ipsec@lists.tislabs.com
Subject: Re: request 


>The standard known as ISAKMP/Oakley is now known as IKE


>The standard known as IKE does not specifically exactly conform to the
>standard known as ISAKMP/Oakley
>Manufacturers have adopted IKE in order to satisfy customer needs
>than try to comply with the full ISAKMP/Oakley standard
>IKE and ISAKMP/Oakley are not the same standard as viewed from the RFC,
>IKE is a subset of the original standard that for all intents and
>purposes is the same thing in practical applications.

These statements are partially incorrect and misleading.  What you may
meant is that IKE does not implement all of ISAKMP or all of Oakley.
certainly true.  However, IKE is ISAKMP/Oakley and is _the_ key exchange
mechanism that the IETF adopted.  All we did was shorten its name to
make it
more pronouncable.  We published the Oakley draft as an RFC because it
provides important background and justification for the security of the
key exchange protocol.

>You will hear IKE and ISAKMP/Oakley used interchangeably

Actually, few people speak of ISAKMP/Oakley anymore.


Attachment: smime.p7s
Description: application/pkcs7-signature