Devised by the authors of FreeSwan, Opportunistic Encryption is a method for securing communication between any two correctly configured computers on the Internet, without them needing any prior information about one another.

Think of the name as "I will encrypt packets for sites that can use them, where I have the opportunity to do so reliably."

IPSec previously suffered from a scaling problem in that that the system/network administrators from any pair of systems or networks that want to have encryption between them had to exchange some sort of PublicKey.

With OE, each system/network administrator puts the key(s) needed to create IPSEC tunnels with their networks into the DNS. Then when another OE enabled IPSEC gateway wants to send packets to a host on the Internet, a check is first done to see if there are any keys in the DNS for that host and if there are, they are fetched and an encrypted tunnel is set up transparently. If there are no keys, then the packets MAY (if the administrator of the sending network allows so in his security policy) be sent in the clear.

FreeSwan 2 does OE out of the box. FreeSWAN's quickstart to Opportunistic Encryption might help.

See the very readable IETF draft for the Opportunistic Encryption specification.

Note that OE does not guard against ManInTheMiddle attacks, unless the keys can be independently authenticated, for example by DNSSEC.

So what is the point of it? It is resistant to passive snooping, for example by spy agencies, other Government organizations, and Bad Guys in general. To defeat the encryption, they would have to actively intercept your connection attempts and substitute their own keys. This might be considered too much work for somebody who is not specifically targeting you, but just generally snooping on Internet traffic, hoping to find something interesting. Is this a realistic threat to guard against? Only you can decide.