=> "SKIP" is Sun's approach for the same thing; if I understand
=> it correctly, SKIP is really all about key exchange, rather than
=> packet payloads.
=>SKIP seems to include key exchange, *and* encryption of all packets at
=>the IP level via the exchanged session key(s). They use the
=>Diffie-Hellman Public Key algorithm to exchange session keys (which, i
=>*think* can be one of several shared key algorithms...).
=>..This all is from Sun's white paper about their Sunscreen product,
=>which is in sort of a "beta" implementation period at the moment.
=>Take it for what it's worth -- I'm *considering* using them for VNP
=>(VPN), but my needs there are in 4Q96, so I can wait....
More or less correctamundo
On the SunScreen, packet encryption can be DES, RC2 or RC4 (and we change
packet keys every 512 bytes too) depending on thru-put requirements.
And BTW, we've been shipping for a couple months now.
giff (we call them secure virtual private networks SVPN's)
I got lots of letters I ain't used yet :-)
Wayne Gifford giff @
Sun Internet Commerce Group Phone 703-716-6426
2100 Reston Parkway Phax 703-620-1244
Reston VA, 22091