Steve Reid writes:
Really, the apropriate place for content filtering is at the application layer. It *could* be done at the transport layer, but that's really not the place for it.
Izzat so? So explain to me what the difference between the PICS type ratings and security classifications is. If something is labelled "Top Secret" with some compartments, it means "do not deliver this to a principal which hasn't been authorized to receive it". If something is labelled "Not suitable for minors", it means "do not deliver this to a minor". "Age of majority" is really no different than a security clearance to receive certain information in the CDA context. Clearly the IETF believed that the network layer was an appropriate place for general classification when they developed IPv4. I haven't verified it, but I suspect that IPv6 has (or will have) an appropriate mechanism for indicating security classification. The identical mechanism may be used for packet labelling, with the broad classification indicating the distinctions between "G", "PG", "PG-13", "R", and "NC-17", and the compartments available for such things as "violence", "nudity", "adult language", "sexual content", "advertising", and so forth.
Analogy: It would be like putting a license plate on the engine of a car. It *could* be done that way, if you redesign the car so that the engine protrudes out from the back with a place for the license plate (let the technical people handle the technical details of that). But the best place for a license plate is on the outside body of the car, and the best place for content filtering is at the application layer.
Of course, putting it at the application layer is like requiring that every driver create his own license plate and hold it out the window while driving.