IPN Architecture Limitations

• We can only have end-to-end security where there are end-to-end protocols, therefore:

  • security cannot be performed in the IPN at the transport layer or below (no IPSEC)

    • the Internet end-to-end protocols (e.g. TCP) are terminated at the IPN gateways
  • end-to-end ìlikeî security can only be applied to the data (ìwrapî data as is done by TLS/SSL and Secure Email)

    • is TLS/SSL, as we currently know it, the right answer - many round-trip negotiations?
    • is secure email model is a better fit?
    • key management problems - ìPKI to the stars?î

Previous slide

Next slide

Back to first slide

View graphic version