On 29/01/2014 12:39, Scott O. Bradner wrote:
> I just remembered that we talked about setting a direction towards protection
> quite a while ago in RFC 1752
> (the IPv6 recommendation)
>
> We feel that an improvement in the basic level of security in the
> Internet is vital to its continued success. Users must be able to
> assume that their exchanges are safe from tampering, diversion and
> exposure. Organizations that wish to use the Internet to conduct
> business must be able to have a high level of confidence in the
> identity of their correspondents and in the security of their
> communications. The goal is to provide strong protection as a matter
> of course throughout the Internet.
>
> Scott
I also noticed that we said this in RFC 1958:
6.2 It is highly desirable that Internet carriers protect the privacy
and authenticity of all traffic, but this is not a requirement of the
architecture. Confidentiality and authentication are the
responsibility of end users and must be implemented in the protocols
used by the end users. Endpoints should not depend on the
confidentiality or integrity of the carriers. Carriers may choose to
provide some level of protection, but this is secondary to the
primary responsibility of the end users to protect themselves.
Brian
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
