Network2/Security
< Network2
Jump to navigation
Jump to search
Prerequisite concepts: spoofing, petname, authentication, confidentiality, integrity, availability, DNS resolver, Network2/Concept/DNS nameserver, dnscurve, security association, asymmetric cryptography
This optional section is included merely to offer some hints about where we think communications security ought to be headed.
- Spoofing, Integrity, Confidentiality. See communications security and petnames for some background. A very rough road along which something reasonable might lie:
- Use physical introduction to CNAME cscott.michael.laptop.org to <key>.cscott.laptop.org.
- Then, my dnscurve-compatible DNS resolver will refuse to give me addresses unless the nameserver I contact for cscott proves knowledge of cscott's private key.
- Then I have a nice basis with which to configure IPsec security associations.
- System Integrity
- DoS