On Sun, Feb 09, 2003 at 11:34:01PM -0500, Steven M. Bellovin wrote: > First, there was no key management. This means that loss of a single > unit -- a stolen laptop or a disgruntled (ex-)employee would do -- > compromises the entire network, since it's impossible to rekey > everything at once in an organization of any size. For most real-world > deployments, this is the most serious weakness. Furthermore, if there > were real key management, the next two problems couldn't have happened. > This was clearly avoidable.
Practically, what's the right way to do this? You could do it with a centralized server key that has the ability to broadcast a new shared key to all clients, but then if the server gets compromised you lose control of the entire network (possibly true anyway, for different reasons). >From my personal (limited) experience, key management is really hard. I'm curious about potential solutions to this. -- - Adam ----- Adam Fields, Managing Partner, [EMAIL PROTECTED] Surgam, Inc. is a technology consulting firm with strong background in delivering scalable and robust enterprise web and IT applications. http://www.adamfields.com --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]