[AG-TECH] Security in AG

Benedikt Bjarni Bogason benedib at hi.is
Tue Aug 17 04:50:33 CDT 2004


I was wondering if someone could give a brief clarification on how the AG
makes sure intruders cannot infiltrate an ongoing session between, say, me
and my client.

Below are questions, not statements. Please correct/clarify/confirm them.

- This is done by certificates?

* After I notice someone has broken into my venue, I can "blacklist"
him/her, or rather that particular certificate.
* I can also beforehand deny anyone access to my venue except certain
certificates, some selected persons that I want to allow in? They must
already have access my venues so I can have a handle on their
Or do I only need them to tell me their distinguished name?

* If someone is not allowed entrance, his/her VenueClient doesn't receive
the multicast addresses from the venue so he cannot connect to the venue.
"Impossible" to guess the multicast addresses. But what if he knows them?
If they are static, and somehow he knows, either because he already has
connected to it (a former client perhaps) or because it is stated on my
website or something. What stops him from just starting VIC and RAT and
listening to all my confidential conversations?

- Encryption key?

* Are the video/audio streams encrypted? Hashed up and sent that way
through the network? No one can decipher them unless he has the key? How
is that key known by all parties? Who sets that key?

* So if "a bad guy" guessed (knew) my multicast addresses he still would
not see/hear my meetings unless he also knew the encryption key?

* Why aren't I ever asked for an en(de)cryption key when I enter venues?

Please answer some (all) of those questions, and all the others I forgot
to ask as well :)

Thank you.
