5 May
2011
5 May
'11
3:48 p.m.
----- Original Message -----
From: "Steven Bellovin" <smb@cs.columbia.edu>
Encryption is probably overkill anyway. What is needed is a mechanism simply to say that the content is certified to have come from the source it claims to come from. So ... basically ... better not to use multicast for anything you really might have any security issues with. Fine for broadcasting a video, not so fine for a kernel update.
See the work of the IETF MIKEY working group.
He won't like it. He hates everything. Cheers, -- jra