The current security
implementation of K2 is based on SSL inclusive client
and server authentication (see Figure). A client that
wants to gain access to the server must authenticate
itself using an ID that is signed by a Certificate.
The K2daemon and the associated server process must
trust that certificate. Usually this certificate is
a K2 certificate but it is possible to configure multiple
trusted certificates within the server.