I'm just catching up on a very large mail backlog (much of which is Cypherpunks). Many Cypherpunks are apparently unaware of the security work going on within the Internet Engineering Task Force (IETF). Besides the infamous Privacy Enhanced Email (PEM), there are lesser known groups working on application layer security interfaces and on IP-level security (encryption and/or authentication of individual IP datagrams). Okay, I'm not saying all this work is being done right. In some cases it's not being done at all (or very slow progress is being made). In my opinion, the situation is ripe for some highly motivated Cypherpunks to read the stuff that's already been published (available from the standard FTP repositories like nic.ddn.mil), digest and critique it, and either implement the ideas that have been proposed or do them better yourself. But you should really be aware of what other work is going on in these areas before you reinvent the wheel. My personal interests and preferences lie in doing security at the IP layer. It doesn't solve all problems, but it is an approach that has been almost totally unexplored until now. And with the ever-increasing use and availability of low-cost dialup SLIP/PPP connections as an alternative to dumb terminal emulators and UUCP, I think it's a powerful technique. But I just don't have as much time to work on this as I'd like, and it would really be nice to find others to help in the effort. Phil