For those wondering whether KRAP is still alive or not, the latest issue of
Computers and Security (Vol.19, No.1, 2000) is a special issue on this topic,
including coverage of functional models, common formats for interoperable KRAP
and global KRAP interop mechanisms, KRAPifying the PKI (with mention of the
current KRAP features in RFC 2510 and 2511), stored data recovery, KRAPifying
IPSEC, ISAKMP, and SSL/TLS (with the articles worded as RFC's, which is a
scary sign). It doesn't look like anything's escaped the KRAPpers[0]
attention. The main contributors are IBM and Cylink, with contributions from
NAI (via TIS) and Secure Computing Corp.
Peter.
[0] You sure can get a lot of mileage out of this acronym.
