Stephen Kent wrote:
> Thus, if anyone is
> really concerned about know with whom they are communicating, and
> whether a packet was modified in transit, they should be using these
> standards security technologies.  Many web sites for which these
> security concerns are significant already make use of SSL/TLS anyway.

I think the point was that this will impact many more casual 
interactions, where one wouldn't necessarily think to have to employ
authentication technologies.  

There are times when I and my ISP, or the ISPs it peers with, have 
different opinions about what is sufficiently recent/authentic
(of a copy of a resource, or even of a final destination address).
If unrelated entities in the chain each get to "assert an opinion"
about what's "good enough", for their own purposes, it is not at
all clear that I get the end-result that I deserve, or am even aware
of the fact that things have been changed midstream.



"My body obeys Aristotelian laws of physics."
   -- ThinkingCat

Leslie Daigle

Reply via email to