On 9/7/10 3:19 PM, Adam Barth wrote: > It sadden me when standards bodies ignore reality and leave > implementors to invent their own non-iteroperable algorithms for > security-critical behavior. Of course nothing prevents us from saying UAs MUST NOT sniff but if they do anyway they MUST use a given algorithm, right? -Boris