IPSEC

IPSEC provides authenticated and cryptographically secure communication between two machines. The machines identify themselves with X.509 Certificates (issued to the machine itself and not to the user running on the machine).

If an administrative user has a personal machine that is secure (physically and by requiring logon), and if he is the only one who uses that machine, then it is not unreasonable to associate secure traffic from that machine with the user who exclusively uses it.

This is a fairly simple environment to set up with Windows XP Professional desktops and an Active Directory Domain with a Certificate Server. However, if you have all that stuff, then institutional Client Certificates are just as easy and much more direct than using IPSEC.

At this time, IPSEC is a "strawman" option that is presented only to ensure that the architecture will support it. Someone may require it in the future, and if so they should be prepared to write code. It may be very difficult to gain access to the IPSEC session information from Java.

IPSEC uses Certificates, so it has the same Certificate failure issues as Client Certificates. However, since in this case the Certificate Subject is a machine name, there must clearly be some external database to map machine Subjects to user Subjects.