Stephen, Larry: > if we turn on > more and better security to make pervasive monitoring significantly > more expensive, then we also gain better security against other > attackers as well This is one of the keys in the discussion, in my opinion. I do not believe we should react to specific revelations alone - at best those describe a situation at a fixed point in time. But we do need to realise that the Internet is pretty vulnerable to a large class of attacks. I think we should improve the situation. As for the how - I think cryptographic protection for a bigger fraction of Internet traffic is a necessity. Of course there are many tradeoffs to exactly how we go about that - and I think we're having exactly the right discussions about those tradeoffs in various lists. It is not an easy choice. But it is one that we need to get to the bottom of. Jari