> ] from "Perry E. Metzger" <perry@PIERMONT.COM> > > ] ... > ] I think the main good certification can do is to stop some of the > ] idiocy mail forging viruses have started. > > } From: Keith Moore <moore@cs.utk.edu> > > } ... > } indeed, if we could just make it easy to trace the source of viruses > } (so that we can detect them earlier and make it more likely to catch > } them close to the source), that would seem like a big win. > > Given the imperative for Redmond-style user friendliness, how will > you keep viruses from replacing any signatures of the previous hop > with new signatures using private keys found in the current machine? It would be totally futile to try to discuss that level of detail on the IETF list. There's a reason we insist that proposals be submitted in I-D form before being considered. (But FWIW, I'm not thinking about a hop-by-hop mechanism.) Keith