"Michael C. Richardson" <mcr@sandelman.ottawa.on.ca> writes:

>   Also, the concept of a "secure" channel should be abstracted. SSH can
> provide one, as can SSLtelnet, or telnet-over-IPsec.

Without knowing anything about how the channel is encrypted and/or
authenticated, a `secure' bit is generally useless.  A `trust level'
(perhaps based on capabilities) might be more useful, but I'm not
sure.