Stewart, > Remembering of course that some platforms which wish > to use the Internet simply do not have the capability for > other than a very tiny very basic stack. > > I always use the PIC and the Arduino to remind myself what the > lower end of the franchise looks like. You bring up a good point. And that is very important. The world of devices may be more significant for Internet privacy than the world of browsers and computers. That being said, it is not always clear that small devises imply no security is possible. My day job crypto team has worked on Arduinos, for instance. And many of my friends who are in the devices business have been using 32 bit CPUs for a while now because they are more easily available and/or cheaper. All this reminds me also of my work fifteen years ago on optimising various protocols in cellular devices, only to find out that couple of years later most devices were capable of running 3D FPS games. Recently some of my colleagues did an analysis of the energy consumption in today's small CPU platforms, and found that wireless transmission/reception far outweighs any other activity, including crypto. But there are indeed challenges in security of the device world. I'd suggest they are mostly in the category of provisioning models (e.g., configuration) or architecture (e.g., transport vs. other types of security). More work needed... In any case, the document said "where possible", and I think it is important to keep that distinction. Not all things are possible, and some possible things are not possible in all platforms. Jari