On 06 Nov 2013, at 06:09, Ted Lemon <Ted.Lemon@xxxxxxxxxxx> wrote: > I assume that what we want is a mechanism for authenticating the content; in this case there is no need to encrypt the content. If that were the problem we are addressing, the best answer would involve RFC 6920. For privacy, though, STASI*) should not be able to find out that I’m retrieving RFC 1984 so that they can't identify me as a long-haired bomb-throwing leftist (or whatever retrieving RFC 1984 makes you in their minds). Grüße, Carsten *) STASI: State-level wire-Tapping Agency with Substantial Infrastructure