> Let's implement Transport Layer Security inside all our application > layer protocols!
I can see the logic in the IESG (thanks, again, Geoff) mandating TLS as a negotiated layer _and_ I can see the nightmare it gives rise to. Properly designed, this means there is a single implementation of TLS (Russ's comments about a TLS-savvy kernel, more likely a kernel module in the brave new world after Linux) and a reality of each school implementing it slightly differently and totally incompatibly. My gut feel is that applying namespace rules (OK!) would alleviate the nightmare, just as factotum very successfully simplifies a different aspect of security. ++L
