[e2e] peer to peer, e2e, PKI authentication, trust chain discovery, management and capabilities exchange

[Christian Huitema]

> Francois - The sarcastic answer is "walled gardens" based on
> "firewalls".  That is, it's not in the interest of anyone but us
> out-of-favor hackers to focus on security and resiliency solutions
that
> don't involve the operators.

On a less sarcastic note, you can check the Microsoft efforts for
deploying IPSEC (http://www.microsoft.com/ipsec/) and in particular the
"domain isolation" scenario for deploying end-to-end protection inside
an enterprise. 

I would personally love to see the scenario extended to Internet-wide
protection, but there are practical difficulties to overcome. As the
subject header mentions, one of these difficulties is end-to-end
authentication, which seems only possible so far within well constrained
communities.

-- Christian Huitema