As I mentioned earlier I am not particularly a fan of getting a security framework out in front of a protocol framework. While security needs to be designed in from the outset, it also needs to be closely coupled to the actual mechanisms being used.
I'm also concerned about the whole "trusted network" thing. I think that if you're going to continue to hang onto it (and I'd really rather that you did not), you should probably explain in the document that one of your starting assumptions is that there are no insider threats. Melinda _______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
