The more I'm thinking about this the more I'm not clear on... well, how much effort should be put on transmission of stuff and how much on the endpoint/host/whatever specifics, as well as the relationship between the two. To combine all this together seems a bit overwhelming (and largely pointless) at first. Perhaps this is a naive way of looking at it, but from where I stand much of security is based on these two things - transmission of data and what goes on at the endpoints. Do they matter at all to each other? If they could be separated perhaps there could be essentially two groups, or at least two areas of focus (mentally or otherwise), one working on net stuff and the other working on the other. Perhaps I'm missing something obvious (or this is already so) or this doesn't help, but while smoking a clove it seemed reasonable. I can always blame the tobacco... ;-) dan
