ietf
[Top] [All Lists]

Re: recommendation against publication of draft-cerpa-necp-02.txt

2000-04-07 09:00:02
Howdy,

Stephen Kent wrote:
Thus, if anyone is
really concerned about know with whom they are communicating, and
whether a packet was modified in transit, they should be using these
standards security technologies.  Many web sites for which these
security concerns are significant already make use of SSL/TLS anyway.

I think the point was that this will impact many more casual 
interactions, where one wouldn't necessarily think to have to employ
authentication technologies.  

There are times when I and my ISP, or the ISPs it peers with, have 
different opinions about what is sufficiently recent/authentic
(of a copy of a resource, or even of a final destination address).
If unrelated entities in the chain each get to "assert an opinion"
about what's "good enough", for their own purposes, it is not at
all clear that I get the end-result that I deserve, or am even aware
of the fact that things have been changed midstream.


Leslie.

-- 

-------------------------------------------------------------------
"My body obeys Aristotelian laws of physics."
   -- ThinkingCat

Leslie Daigle
leslie(_at_)thinkingcat(_dot_)com
-------------------------------------------------------------------



<Prev in Thread] Current Thread [Next in Thread>