ipsec-4 Page:9
1 2 3 4 5 6 7 8 9 10
|
We hope … (Virtually) Zero configuration for end-users Security Policy should be maintained by an external Trusted Third Party Most embedded devices cannot have elaborated security policies Credentials should be installed not by end users but by factories Ubiquitous encryption without user configuration, if possible, actualize the IPv6 IPsec myth Adaptation to “IPv6 Plug and Play” feature Automatically generated ephemeral IPv6 addresses should be handled properly PKI avoidance PKI availability should not be mandated |