IKE supports client negotiation. In client mode, the
negotiating parties are not the endpoints for which the security
association is being negotiated. When IKE is used in client
mode, the identities of the end parties remain hidden.

Before going into the RFC 2049 details, it must be understood that
IKE is not yet fully deployed on the Internet because the total system
is still under development. Parts of it (like 2049) seem relatively
stable, but other parts (like the specific hash function to be used
in IKE) are still in the draft stages. Also, no distributed PKI
is yet available to all. A VPN can use the overall framework
of IKE, but the specific implementation must be examined to make
sure that it will perform as needed.