Erik,
You have to put the two together. If we do, we find that we can solve
the UI problem by taking authentication OUT of known insecure
components. But that requires a protocol to that authentication
component. If one exists, what is it? It requires process
interactions. What are those? All of this needs to be written down IN
THIS CONTEXT. The secure communication path must be capable of opaquely
traveling through a host without knowledge of IP address, for instance.
We've done stuff like this before, but not in this context. TLS depends
on IP address. Oops.
And then there's registration. Uyh.
Eliot
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf