> We are doing it to protect reachability. Again:
>> When you're protecting reachability, what are you protecting? >> Whether or not someone can reach something. I assume that the >> "something" you're trying to protect reachability to would/must >> include things where you enter your password. >> >> Hence, I look at this entire problem a little differently than >> simply trying to enforce a small subset of policies, or as a >> theoretical exercise... If we can't prevent real world consequences >> with this work, then --why are we doing it? > We are not protecting your password in clear text on the internet. I would challenge you to find any statement of mine where I said this work is about "protecting your password in clear text on the internet." "The Internet" is not an abstract collection of "things." It is a set of reachable destinations. People go to those destinations to transact business. If people reach the wrong destination, they transact business with the wrong party. If a "security system," can't protect me from reaching the wrong destination on a system designed to get me to the right destination, then the security system is, generally speaking, useless. I do wish I didn't have to have users connected to the networks I design and work on --it would really make my life much simpler. But then again, no users, no network, right? I think we sometimes get so lost in the theory that we forget what networks are actually _for_. :-) Russ > > -- > Jakob Heitz. x25475. 510-566-2901 > _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
