Network2/Security

From OLPC
< Network2
Revision as of 02:07, 29 July 2009 by Mstone (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Prerequisite concepts: spoofing, petname, authentication, confidentiality, integrity, availability, DNS resolver, DNS nameserver, dnscurve, security association, asymmetric cryptography

This optional section is included merely to offer some hints about where we think communications security ought to be headed.

  1. Spoofing, Integrity, Confidentiality. See communications security and petnames for some background. A very rough road along which something reasonable might lie:
    • Use physical introduction to CNAME cscott.michael.laptop.org to <key>.cscott.laptop.org.
    • Then, my dnscurve-compatible DNS resolver will refuse to give me addresses unless the nameserver I contact for cscott proves knowledge of cscott's private key.
    • Then I have a nice basis with which to configure IPsec security associations.
  2. System Integrity
  3. DoS
Retrieved from "http://wiki.laptop.org/mediawiki/index.php?title=Network2/Security&oldid=213770"