A key establishment protocol (proposed for IPsec but superseded by IKE) based on the Diffie-Hellman-Merkle algorithm and designed to be a compatible component of ISAKMP. [R2412]
A key establishment protocol (proposed for IPsec but superseded by IKE) based on the Diffie-Hellman-Merkle algorithm and designed to be a compatible component of ISAKMP. [R2412]
Tutorial: OAKLEY establishes a shared key with an assigned identifier and associated authenticated identities for parties;
i.e., OAKLEY provides authentication service to ensure the entities of each other's identity, even if the Diffie-Hellman- Merkle exchange is threatened by active wiretapping. Also, it provides public-key forward secrecy for the shared key and supports key updates, incorporation of keys distributed by out-of- band mechanisms, and user-defined abstract group structures for use with Diffie-Hellman-Merkle.