And here are the questions that were added in the PPCo. These might be interesting for all groups to think about.
What is "identity"? A type of object? A relation?
Where is the emphasis (which I have been taught is fundamental when thinking about security) on tradeoffs? I thought the question to ask was not "is it secure" but "is it worth it?" (cf. Schneier)
Make sure that "network support for data objects" emphasizes their lifetime dimension. Give example, e.g., facilitation of privacy for a data object
What about economic mechanisms that improve incentives for end-hosts to adopt measures that enhance security? We had a lot of difficulty coming up with a consensus on the security requirements for a network architecture; so chances are that if you decide on a particular choice of requirements to "bake into" the architecture, it will be difficult to get the support of the community. What does that mean with respect building a "trustworthy" Internet architecture?
A big question is how to support accountability in the Internet; what facets of it should exist: financial, legal liability, incentives; how does it work in a trans-national network; how does it interface with the desire to have privacy/anonymity in many contexts?
What do you mean by an architecture that defends itself? Traffic analysis from the provider?