I don't think anyone's ever argued that perfectly reliable transmission was a must-have, or even if it were possible. However, the U.S. Controlled Access Protection Profile and Labeled Security Protection Profile (which replace the old C2 and B1 designations of the Trusted System Evaluation Criteria) require that mechanisms that are part of a system's Trusted Computing Base shut down if they can't log, thus it is a requirement that transmission failure be detectable (i.e., timeout if no ack type stuff) for any system going after these designations.
begin:vcard n:Calabrese;Chris tel;work:201-703-7218 x-mozilla-html:TRUE org:Merck-Medco Managed Care, L.L.C.;Internet Infrastructure and Security adr:;;1900 Pollitt Drive;Fair Lawn;NJ;07410;USA version:2.1 email;internet:[EMAIL PROTECTED] title:Internet Security Administrator fn:Chris Calabrese end:vcard
