presuming your statement about an inversion of the stated trust model is correct, can we dereference "friendly" and "hostile" to whom? Who makes that assessment and who/what defines the tools to implement a trust policy?
Those are all excellent questions, and if I had good answers I would answer them.
I suspect that for most consumer ISP users, their least bad choice is to get their trust policy from the ISP. The ISP may well be awful, but for nontechnical broadband users, it is less awful than any plausible alternative I can think of. They want to maximize their revenue, but they probably don't want to install spambots on your PC and wire the contents of your bank account to Belarus.
R's, John _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf