Talk: Making IPsec scale using DNS or anonymous keying
Open security- Day
- Sunday 11th of November, 2012
- Start
- 11:00
- End
- 11:45
- Duration
- 0:45:00
- Room
- Room 4
by Michael Cardell Widerkrantz
The use of IPsec depends on an existing authentication infrastructure: There must be a way of distributing keys, either in a certificate tree or by distributing keys out-of-band. In a large network with many different management zones, this is difficult. It has been said over and over again that “IPsec doesn't scale”.
This presentation describes two experimental implementations that uses the existing DNS infrastructure for key distribution and, failing that, using anonymous keying, so called Better-than-nothing security (BTNS).
More information:
Slides and notes:
Concurrent events:
- 11:00 - 11:45 Talk: Fixing public procurement: how we'll stop European governments from renewing their Microsoft licences
- 11:00 - 11:45 Talk: Creating real time graphics in real time
- 11:00 - 11:45 Talk: Why We Fight
Next (up to 3) talks in the same room (Room 4):
- 12:00 - 12:45 Talk: Give me an hour
- 15:15 - 16:00 Talk: Open Microphone
- 16:15 - 17:00 Talk: Yabasta – Building an End-to-end Secure Social Network
Events that start after this one (within 30 minutes):
- 12:00 - 12:45 Talk: Active internet politics in Denmark (and beyond)
- 12:00 - 12:45 Talk: Free ICT to Deprived Communities in Africa
- 12:00 - 12:45 Talk: Give me an hour
- 12:00 - 12:45 Talk: Freedom Box