next up previous contents
Next: Email Invitations Up: Security and Policy in Previous: RTP Security

Key Distribution

Here we look at the Key Distribution problems, including aspects of the following:

The easiest way to distribute a key for a session is by hand (or telephone, or any other out-of-bounds technique), so that the channel is out of bounds from the network, and the user puts the key in by hand. There are a number of problems with this approach though:

  • The user may make a mistake in entering the key.
  • The key must be secured on its passage.
  • It is not very timely
  • It is labour intensive.
  • It doesn't scale.
To reduce the amount of manual work, encrypted email can be used to deliver the key, and the key can be processed automatically by the local environment.