
There's an interesting proposal for a study at ORNL about key management for multicast applications. Unfortunately, the ietf drafts on the protocol itself have expired :-), but there are a couple of Postscript papers pointed to by Tom Dunigan's really extensive reference list http://www.epm.ornl.gov/~dunigan/security.html The ORNL proposal is at http://www.epm.ornl.gov/~sgb/mvpnet.html ABSTRACT This proposal focuses on providing security in a multicast-based network such as the mbone. The proposed solution is application-based and works with all IP-multicast based routing protocols. It utilizes the group-oriented key management (GKMP) protocol which provides greater scaleability by removing the need for a separate key distribution center. Secondly, we look at ways of securing IP multicast from denial of service attacks. ...... The first step in implementing a secure multicast capability is the ability to provide group access control and a scaleable efficient key distribution meshanism. We propose implementing the Group-oriented Key Management (GKMP) protocol as the core of our group access scheme. GKMP currently only exists as a beta version at SPARTA. GKMP has become an experimental RFC and the code will be made publicly available by SPARTA. # Thanks; Bill # Bill Stewart, stewarts@ix.netcom.com, +1-415-442-2215 # goodtimes signature virus innoculation