<body><pre>
Network Security Architecture
Carl Gunter, U. Penn

1. Fundamentals
   PKI, Three Philogophies
     - hierarchy (X.509, DNS)
     - web of trust (pgp)
     - ad hoc (ssh, most research studies)

   Certificate Management
     - Distribution: how to find a cert
       - cert accompanying signature or as part of a protocol
       - directory service (DAP, LDAP, DNS)
       - email
       - cut&paste forom web pages
     - Revocation: terminate a cert before expiration
       - how does relying party know cert is revoked
       - CRL
	 1) Q certies P is cert of Alice
	 2) R certies P is cert of Alice
	 3) Q certies R is cert of Bob
	 now, the first one isrevoked, what about the 2nd one.
	 (3 not 2) (2 and 3) (2 not 3)
       - cost a lot

   Problems
     - revocation
     - user ability to deal with keys
     - registration (with verisign)
     - weak business model

   Area of progress
     - ssl
     - authenticode (microsoft)
     - ssh
     - smartcard
     - web services

   Security at Layers
     - physical
       locked doors, spread spectrum, tempest
     - link
       wep, gsm
     - network
       firewalls, ipsec
     - transport
       ssl, tls
     - application
       S/MIME, XMLDSIG and WS security, Access Control, (SET)
 
   Division of labor in the internet
     - hosts
     - routers
     - networks

   Protocols to Software
   There are important differences between theorectical descriptions,
   standards and software (complexity due to)
   -- Evolution (version, extensibility)
   -- Interoperability (options, negotiation)
   -- Error modes
   Case 1: TLS
   Case 2: IPSec

2. Formalization and testing
   End-to-End Security and Mandatory Tunnels   
   -- SIKE(simple IKE), Netperf
   -- L3A protocol (NAT passthrough)

3. Denial of Service
4. Web Services
5. Privacy
6. Smart cards
</pre></body>
