Wednesday, April 23, 2014

[Event Notifications] Using Certificates for Authentication instead of AD/Kerberos

My normal environment is pretty simple: one trusted domain.  So security for Event Notifications is pretty simple too - I just use Kerberos.  It's simple, easy to read, nothing fancy involved, and I wanted to make sure that people weren't going to look at the prerequisites and immediately say "I don't want to deal with keys and certificates and all that - so I'm not going to do it".

A former coworker isn't as lucky - he has multiple, untrusted domains, so Kerberos is out and he had to get certificate authentication working.  Much to my surprise, it was considerably easier than I'd expected from reading about Service Broker certificates (literally, one of the demos in the book I read used _7_ certificates).  Yet again, I dig what MS has done with EN, since it's a simple use-case of Service Broker.


Note that this involves creating database master keys and certificates.  I've heard over the years that you may need those keys in order to restore the database.  From what it sounds like, though, you technically don't need them here, because the keys and certificates are only used to authenticate the endpoints - nothing in the database is encrypted with them.  However, I'd be really paranoid and test this on a test server first, specifically the whole "restore the databases without the keys" part.

TL;DR - Script is below; test restores before putting it in production.  You'll create 1 master key & 1 certificate on your Repository, and then on each monitored server you'll create 1 master key & 1 certificate, swapping the public certificates with the Repository so each side trusts the other's endpoint.
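To make the "1 key & 1 cert per side, swap them" setup concrete, here is an added T-SQL example of certificate-based transport authentication for the Service Broker endpoints; it is not the post's script and not James's, and the server names, port, file paths, login names and passwords are placeholders you'd substitute (routes and services for the event notification itself are left out).

```sql
-- Added example, not the post's own script. Placeholders: port 4022,
-- C:\certs paths, login/user/certificate names, and all passwords.

--------------------------------------------------------------
-- 1. Repository (run once, in master)
--------------------------------------------------------------
USE master;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<StrongRepositoryMasterKeyPassword>';
CREATE CERTIFICATE RepositoryEndpointCert
    WITH SUBJECT = 'Event Notification repository endpoint', EXPIRY_DATE = '2030-01-01';
-- Endpoint authenticates with the certificate instead of Windows/Kerberos.
CREATE ENDPOINT BrokerEndpoint
    STATE = STARTED
    AS TCP (LISTENER_PORT = 4022)
    FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE RepositoryEndpointCert,
                        ENCRYPTION = REQUIRED);
-- Export only the public part; this .cer file is what gets "swapped".
BACKUP CERTIFICATE RepositoryEndpointCert TO FILE = 'C:\certs\RepositoryEndpointCert.cer';

--------------------------------------------------------------
-- 2. Each monitored server (in master)
--------------------------------------------------------------
USE master;
CREATE MASTER KEY ENCRYPTION BY PASSWORD = '<StrongMonitoredMasterKeyPassword>';
CREATE CERTIFICATE MonitoredEndpointCert
    WITH SUBJECT = 'Event Notification monitored endpoint', EXPIRY_DATE = '2030-01-01';
CREATE ENDPOINT BrokerEndpoint
    STATE = STARTED
    AS TCP (LISTENER_PORT = 4022)
    FOR SERVICE_BROKER (AUTHENTICATION = CERTIFICATE MonitoredEndpointCert,
                        ENCRYPTION = REQUIRED);
BACKUP CERTIFICATE MonitoredEndpointCert TO FILE = 'C:\certs\MonitoredEndpointCert.cer';
-- Trust the Repository: a login/user owns its imported public certificate,
-- and only that login is granted CONNECT on the endpoint.
CREATE LOGIN RepositoryBrokerLogin WITH PASSWORD = '<UnusedButRequiredPassword>';
CREATE USER RepositoryBrokerUser FOR LOGIN RepositoryBrokerLogin;
CREATE CERTIFICATE RepositoryEndpointCert AUTHORIZATION RepositoryBrokerUser
    FROM FILE = 'C:\certs\RepositoryEndpointCert.cer';   -- copied from step 1
GRANT CONNECT ON ENDPOINT::BrokerEndpoint TO RepositoryBrokerLogin;

--------------------------------------------------------------
-- 3. Back on the Repository: import each monitored server's cert the same way
--------------------------------------------------------------
USE master;
CREATE LOGIN Monitored01BrokerLogin WITH PASSWORD = '<UnusedButRequiredPassword>';
CREATE USER Monitored01BrokerUser FOR LOGIN Monitored01BrokerLogin;
CREATE CERTIFICATE Monitored01EndpointCert AUTHORIZATION Monitored01BrokerUser
    FROM FILE = 'C:\certs\MonitoredEndpointCert.cer';    -- copied from step 2
GRANT CONNECT ON ENDPOINT::BrokerEndpoint TO Monitored01BrokerLogin;
```

Note that the private keys never leave the server that created them; only the exported public certificate crosses the domain boundary, which is why no domain trust is needed.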

Many thanks to James for doing all the hard work on this!
