Argent Stonecutter wrote: > On 2008-12-17, at 10:03, Carlo Wood wrote: >> An other approach would be to assume that packets cannot >> be intercepted, only inserted. > > Indeed. In that case, the SessionID in packets would be protection enough