On Thu, 15 Feb 1996, Carl Ellison wrote:

...

The more complex portion (from my perspective, at any rate) is a modification of the standard TCP/IP protocol, requiring that each packet be signed by its originating user.

That's the killer. Signatures take a huge amount of CPU time. Signing each packet is not going to be cost effective.

Yep; this has been pointed out to me already. On this point I concur.

However, they could have an authenticated key exchange and then symmetric- encrypt each TCP/IP connection. That can perform -- and has the nice side effect [from the Chinese POV] of depriving the NSA of Chinese civilian net intelligence. As long as the key exchange is signed, everything travelling using that key is authenticated implicitly.

How would packets coming into the country be marked / passed on? So it seems that, in general, the Chinese supression of the net is possible. A frightening thought. Or, if you think about potential implications 10 yrs down the road here, a sobering thought. Jon ---------- Jon Lasser (410)494-3072 - Obscenity is a crutch for jlasser@rwd.goucher.edu inarticulate motherfuckers. http://www.goucher.edu/~jlasser/ Finger for PGP key (1024/EC001E4D) - Fuck the CDA.