> 
> >Thoughts ?
> 
> Sounds good.
> 
> If it can be done in such a way that there is minimal
> performance hit for the "I really don't care about security" option
> I can't see that anyone would be against it.
> 
> As for the "gee I'd like to be able to provide a really controlled environment 
> for untrusted users" crowd (eg. most corporates with vendor support folk 
> logging into their systems.)  It would be very nice.
> 
> --sjg
> 
This is an excellent model to pursue.  One of the arguements that will
probably come up is:
what is the performance impact of this security STUFF?
Providing an option (meaning a suite of security capabilities) that is 
tailorable should be able to allow the data owners/system managers/owners
to balance the level of protection against the level of performance.

(just a personal view: if the performance of machines continues to 
increase at the current rate, a full up, truly tight system should 
be able to provide many times the performance of previously developed
C2, B1/B2/B3, and A1 systems.)
Great idea!
bob
>