Ashar, I agree that sometimes authentication is needed, and secrecy is not important, but I'm wondering how this is determined at the IP layer. When is the choice made between authentication and secrecy? Is it your idea that the applications specify this? Does this destroy transparency across layers? Avi