Approaches toDesigning IPSP

• Monolithic: one big protocol

  • no explicit compliance checking
  • tempting but dangerous
    • security depends on correctness of a complex negotiation protocol

• Two phase: negotiate, then check

  • compliance check what was negotiated
  • simpler, safer
    • all the security is in the compliance checker
    • compliance checking is well-studied problem

Previous slide

Next slide

Back to first slide

View graphic version