[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Son-of-IKE Selection Criteria?
Phill,
"Hallam-Baker, Phillip" <pbaker@verisign.com> writes:
> 1. Issue every device an IP identity credential bound to its IP address.
> This is the ONLY form of identity that can provably prevent any
> additional disclosure of identity in an IP environment since your
> IP address is known in any case.
>
> 2. Perform two sequential key agreements, ]
> first an IP address based agreement
> second an identity based agreement encrypted under the key of (1).
>
How would you cope with machines with dynamic IP address?
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
References: