IPN Core Security (conít)

• Should the IPN infrastructure be self-protecting?

  • Mutually suspicious IPN nodes that authenticate each other via cryptographic means?
  • Secured routing updates between the IPN nodes?
  • Key management/distribution? (e.g., Diffie-Hellman key agreement is *not* the right answer for this environment).
  • Should the ìcoreî security look like ìbundleî security - e.g., use email security model?

Previous slide

Next slide

Back to first slide

View graphic version