Uri, I agree that providing integrity protection along with encryption at layer 3 may be redundant for some applications. The concern is that users in general, and even many application developers, may not be well prepared to determine how well the interaction between lower layer crypto and their application layer integrity mechanisms serve to protect them. Steve