On Fri, Mar 10, 2017 at 2:41 AM, Phillip Hallam-Baker <phill@xxxxxxxxxxxxxxx> wrote:
> There are two issues
>
> 1) Requirements, how should this data be secured?
> 2) Technology, how can the requirements be met?
>
> I totally agree that transport layer encryption is not enough here. The
> security requirement is end to end.

Agreed. IETF typically looks mostly at data-in-transit[1]. However taking a systems perspective we need to look at data-in-use[2] and data-at-rest[3] as well. Other important aspects such as key-mgmt also matter here but I am not sure how much of this falls under the purview of the IETF.

--
Vinayak

1. https://en.wikipedia.org/wiki/Data_in_transit
2. https://en.wikipedia.org/wiki/Data_in_use
3. https://en.wikipedia.org/wiki/Data_at_rest