From: Keith Moore <moore(_at_)cs(_dot_)utk(_dot_)edu>
What about option 4, "information publishers who don't like interference
by transport providers use TLS/SSL to enforce actual end-to-end
transmission of the content" ? As we gain experience in implementing
TLS, this is a certainly a possibility!
so we increase the burden on publishers who want content integrity in the
name of decreasing the burden on intermediaries who want to corrupt content?
Most publishers do not need use TLS/SSL or other end-to-end integrity
guarantees to fix the corrupters, but only enough to make their business
plans look stupid even to their prospective suckers--uh, I mean--investors.
Encouraging the development of services that corrupt content sounds
like the best way to finally get end-to-end security into the Internet.
The silly old nonsense about dirty evil nasty hackers with packet
sniffers capturing credit card numbers hasn't done the trick.
It probably needs reality.
somehow that doesn't seem like a socially beneficial tradeoff.
Yes, needing to pay the various costs of locks, guns, guards, police,
armies, and so forth is an unfortunate consequence of living in big
cities instead of an isolated village.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com