nsis-1----Page:10
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
|
Security II: D-mode Extensions Question: could you make D-mode secure in the future? Answer: if you can do out-of-band key negotiation then it’s easy to add an optional TLV with a MAC Assume you prevent downgrade by mandating the appropriate policy at each end If you can’t do this, easier to add the security protocols to the list of C-mode options (which also an extensibility mechanism) |