----- Original Message -----
From: "George Bonser" <gbonser@seven.com>
So using multicast for things like software updates to computers over the general internet to the general public probably isn't going to work. Encryption is also an issue because it doesn't really work well over multicast. How do I encrypt something in a way that anyone can decrypt but nobody can duplicate? If I have a separate stream per user, that is easy. If I have one stream for all users, that is harder. The answer is probably in some sort of digital signature but not really encryption.
Um, yeah; that'd be private key digital signature.
Using public/private key encryption over multicast, I would have to distribute the private key so others could decrypt the content. If they have the private key, they can generate a public key to use to generate content.
Encryption is probably overkill anyway. What is needed is a mechanism simply to say that the content is certified to have come from the source it claims to come from. So ... basically ... better not to use multicast for anything you really might have any security issues with. Fine for broadcasting a video, not so fine for a kernel update.
Nah; you're overthinking it. Signed updates solve the problem just fine. Note that Linux (SuSE/YAST/YOU) does this already. But you *are* expanding the attack surface, and the signature/PKI infrastructure has to be correspondingly more robust. Cheers, -- jra