
Opportunistic encryption

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Rearden9 (talk | contribs) at 20:26, 6 March 2006. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.


Opportunistic Encryption (OE) allows for "encryption for secure communication without any pre-arrangement specific to the pair of systems involved." In plain terms, a computer asks the computer it is about to talk to whether it supports encryption; if the answer is yes, the traffic between the two machines is encrypted, and if not, the traffic is sent in the clear as it would have been anyway.


This provides a level of security sometimes described as Better Than Nothing Security (BTNS[1]) or ANONSEC. It is not strong security: the peers are usually not authenticated, so an active attacker can impersonate either side, and encryption is not enforced, so a connection that cannot be encrypted (or on which the offer of encryption has been suppressed) simply proceeds in the clear. It does, however, make encrypting most Internet traffic easy to deploy, and difficulty of deployment has been a significant impediment to the mass adoption of Internet traffic security.


The FreeS/WAN[2] project, sponsored by John Gilmore[3], was one of the early proponents of OE. FreeS/WAN has since been discontinued and has forked into the Openswan[4] and strongSwan[5] projects. Openswan has also been ported to OpenWRT[6] and runs on Linksys WRT54 (and family) routers. Windows 2000 and XP can also use a form of OE through the IPsec support built into the operating system: in the MMC snap-in "IP Security Policies on Local Computer", the "Server (Request Security)" policy asks peers to negotiate IPsec but falls back to unprotected communication with peers that do not respond.


Opportunistic encryption can also be used for specific kinds of traffic, such as email, where an SMTP client upgrades the session to TLS only if the server advertises the STARTTLS extension:

STARTTLS[7]

STARTTLS and postfix[8]

STARTTLS and Exchange[9]


Many email encryption systems employ a variant: the sender first attempts to obtain the recipient's public key and, if that fails, sends the message in the clear. PGP, Hushmail and Ciphire, among others, can all be set up to work in this mode.
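The following Python script is an added example, not code from the article or from any of the projects it names. It simulates in memory the STARTTLS exchange referred to above (the RFC 3207 EHLO/STARTTLS dialogue) and, in the same client, the try-then-fall-back decision that the key-lookup mail clients in the previous paragraph make. It also models the failure mode of opportunistic encryption that the article mentions: an active attacker between the two hosts that removes the STARTTLS advertisement, so that a purely opportunistic client quietly continues in cleartext, and the "require TLS" policy that refuses that fallback. The host names, banners, the `SimulatedSmtpServer` and the `StripStarttls` attacker are all constructed for the example.

```python
"""Opportunistic TLS (STARTTLS) negotiation, simulated in memory.

Added example, not code from the original article or from any project it
mentions. Models the RFC 3207 STARTTLS exchange: the client sends EHLO,
reads the server's capability list, upgrades to TLS only if STARTTLS is
advertised, and otherwise falls back to cleartext. It also models an active
attacker that strips the STARTTLS advertisement, and a "require TLS" client
policy that refuses the cleartext fallback. Host names, banners and the
attacker class are constructed for the example.
"""


class SimulatedSmtpServer:
    """Minimal in-memory SMTP server answering only EHLO and STARTTLS."""

    def __init__(self, hostname, offers_starttls=True):
        self.hostname = hostname
        self.offers_starttls = offers_starttls
        self.tls_active = False

    def handle(self, command):
        """Return the reply lines for one client command."""
        verb = command.split(" ", 1)[0].upper()
        if verb == "EHLO":
            # Multi-line 250 reply: "250-" on every line except the last ("250 ").
            lines = [f"250-{self.hostname} Hello", "250-SIZE 10240000"]
            if self.offers_starttls and not self.tls_active:
                lines.append("250-STARTTLS")
            lines.append("250 8BITMIME")
            return lines
        if verb == "STARTTLS":
            if self.offers_starttls and not self.tls_active:
                self.tls_active = True  # a real server would now run the TLS handshake
                return ["220 Ready to start TLS"]
            return ["454 TLS not available due to temporary reason"]
        return ["502 Command not implemented"]


class StripStarttls:
    """Active network attacker (constructed for the example) between client
    and server: forwards commands unchanged but removes the STARTTLS
    advertisement, so an opportunistic client never asks for TLS."""

    def __init__(self, server):
        self.server = server

    def handle(self, command):
        lines = self.server.handle(command)
        kept = [l for l in lines if not l[4:].upper().startswith("STARTTLS")]
        if kept != lines:
            # Keep the reply well-formed: the final line must use "250 ".
            kept[-1] = "250 " + kept[-1][4:]
        return kept


def parse_ehlo_capabilities(lines):
    """Return the set of extension keywords from a multi-line EHLO reply."""
    if not lines or not lines[0].startswith("250"):
        raise ValueError(f"EHLO rejected: {lines}")
    caps = set()
    for line in lines[1:]:  # lines[0] is the server greeting, not a keyword
        if not line.startswith("250"):
            raise ValueError(f"malformed EHLO reply line: {line!r}")
        caps.add(line[4:].split(" ", 1)[0].upper())
    return caps


def opportunistic_client(server, require_tls=False):
    """Client side of STARTTLS. Returns (mode, transcript) where mode is
    "tls" (upgraded), "plain" (fell back to cleartext) or "refused"
    (require_tls=True and TLS was not available)."""
    transcript = []

    def send(cmd):
        transcript.append(f"C: {cmd}")
        reply = server.handle(cmd)
        transcript.extend(f"S: {line}" for line in reply)
        return reply

    caps = parse_ehlo_capabilities(send("EHLO client.example.test"))
    if "STARTTLS" in caps:
        if send("STARTTLS")[0].startswith("220"):
            return "tls", transcript  # TLS handshake would begin here
        # Advertised but refused: fall through to the no-TLS decision.
    if require_tls:
        transcript.append("C: (closing connection: TLS required but unavailable)")
        return "refused", transcript
    transcript.append("C: (continuing in cleartext)")
    return "plain", transcript


if __name__ == "__main__":
    cases = [
        ("honest server, opportunistic", SimulatedSmtpServer("mail.example.test"), False),
        ("STARTTLS stripped, opportunistic", StripStarttls(SimulatedSmtpServer("mail.example.test")), False),
        ("STARTTLS stripped, TLS required", StripStarttls(SimulatedSmtpServer("mail.example.test")), True),
    ]
    for label, srv, req in cases:
        mode, lines = opportunistic_client(srv, require_tls=req)
        print(f"== {label}: {mode}")
        print("\n".join(lines))
```

The three cases print the full client/server dialogue for each outcome; the second one is the quiet downgrade that makes opportunistic encryption "better than nothing" rather than strong. Note that the simulation only models the capability-stripping downgrade: a client that does reach the TLS handshake but does not verify the server's certificate (the usual opportunistic configuration) can still be intercepted by an attacker who simply completes the handshake with a certificate of its own. In Postfix, the `require_tls` switch in the example corresponds roughly to the difference between `smtp_tls_security_level = may` (opportunistic) and `smtp_tls_security_level = encrypt` (mandatory).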


Some VoIP solutions provide painless encryption of voice traffic when possible. The Sipura[10] line of ATAs includes an implementation of SRTP[11], enabled by installing a free certificate[12]. When a call is placed, an attempt is made to use SRTP; if it succeeds, a series of tones is played into the handset, and if not, the call proceeds unencrypted.
John Gilmore [13]

Openswan [14]

FreeS/WAN [15]

strongSwan [16]

SRTP [17]

PGP [18]

IPsec [19]