On Wed, 6 Aug 2014, Stephen Kent wrote:
4. The term "collection" is generally defined as passive wiretapping, so encryption suffices, irrespective of using other security services.
I think that the term or usage of the term will need to be updated in that case, since we have been made aware of the efforts of massively storing encrypted traffic for later decryption (note the leaks regarding PPTP and weak IKE PSKs in particular). Encryption is not "sufficient" to protect against "collection". It only raises the costs for the collector to decrypt it. Pervasive monitors, in fact, _especially_ collect encrypted communications for later processing.
12. Saying that an OS-capable peer may demand more than unauthenticated encryption does conflict with the stated goal of not requiring coordination (between administrators). I think this is an example of trying to make the term OS all encompassing.
Well, the term "opportunistic security" surely feels more encompassing compared to "opportunistic encryption". If we are only talking about encryption, don't call it security.
Paul