>>>>> "Nayfield," == Nayfield, Rod <rnayfield@mail.iconnet.com> writes: Nayfield,> The reason I think the SSL isn't that bad of an idea Nayfield,> is that it is available _now_. You aren't going to have Nayfield,> to wait for people to implement the IPSec proposals once Nayfield,> they are finalized. I don't think that SSL is proposed Nayfield,> as a long-term solution; but an interim one. Nayfield,> Someday we will have fully cryptographic IP packets Nayfield,> and sniffing will be dead as a dog. This can't happen Nayfield,> tomorrow; so let's at least keep, say, my AMEX # safe. The 'competitor' to SSL is not network-level encryption, but S-HTTP, another secure hypertext spec. It's kind of in flux right now. These issues get discussed on the www security list. signu up at www-security-request@ns1.rutgers.edu You can buy an S-HTTP developers kit from terisa (an RSA affiliate) in the US. otherwise, hallam@dxal18.cern.ch is putting it into the CERN library. -Rens