It is noted by the authors that as this system scales the problem
becomes a, well known and tricky, key management problem. While
recommendations for key management are useful they are not
necessarily in scope for this document as best common practices
around key management should already be mandated and enforced by the
cognizant authorities in their existing systems. This document
instead focuses on finding a balance for generic wide-spread
interoperability between DIMEs with authorities and their existing
systems in a Differentiated Access Process (DAP).
at a minimum the key managment problem should be elucidated
DRIP has no intention to develop a new "art" of key management,
instead hoping to leverage existing systems and be flexible enough to
adapt as new ones become popular.
From the opsdir review