Security II: D-mode Extensions Question: could you make D-mode secure in the future? Answer: if you can do out-of-band key negotiation then it’s easy to add an optional TLV with a MAC Assume you prevent downgrade by mandating the appropriate policy at each end If you can’t do this, easier to add the security protocols to the list of C-mode options (which also an extensibility mechanism) |