Security

Security Model

KSP is designed to protect against specific classes of attacks. This page covers the threat model, mitigations, and known limitations from RFC-0001 §16.

IdentityTransportNegotiationCryptographyAvailabilityKnown Limitation

⚠ KSP is an experimental protocol. Its certificate system is simplified compared to X.509 and does not support CRLs or OCSP. Self-signed certificates require out-of-band trust establishment. Do not use KSP for production security purposes.