Path: utzoo!attcan!uunet!lll-winken!csd4.milw.wisc.edu!uxc.cso.uiuc.edu!iuvax!cica!tut.cis.ohio-state.edu!ucbvax!topexpress.co.UK!cgg
From: cgg@topexpress.co.UK (Gray Girling)
Newsgroups: comp.protocols.iso
Subject: Re: Upper layers security
Message-ID: <6381.8907050928@ralph.topexp.co.uk>
Date: 5 Jul 89 09:28:50 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 10

The transport and network layer are good places to support encipherment, but
if you want the added efficiency of selective field based security or if you
require non-repudiation (using digital signatures) 7498-2 says you must use
the upper layers to provide it.  So some way to deal with encipherment in the
upper layers will eventually be standardized.

The version of 7498-2 I have implies that selective field confidentiality could
be provided in the Application layer.  Given the logical difference
between the syntax used in two AEIs, encipherment (as usually understood) would
not seem to be an applicable mechanism.  So how could you do it?