Howdy,
Stephen Kent wrote:
Thus, if anyone is
really concerned about know with whom they are communicating, and
whether a packet was modified in transit, they should be using these
standards security technologies. Many web sites for which these
security concerns are significant already make use of SSL/TLS anyway.
I think the point was that this will impact many more casual
interactions, where one wouldn't necessarily think to have to employ
authentication technologies.
There are times when I and my ISP, or the ISPs it peers with, have
different opinions about what is sufficiently recent/authentic
(of a copy of a resource, or even of a final destination address).
If unrelated entities in the chain each get to "assert an opinion"
about what's "good enough", for their own purposes, it is not at
all clear that I get the end-result that I deserve, or am even aware
of the fact that things have been changed midstream.
Leslie.
--
-------------------------------------------------------------------
"My body obeys Aristotelian laws of physics."
-- ThinkingCat
Leslie Daigle
leslie(_at_)thinkingcat(_dot_)com
-------------------------------------------------------------------