I think it's actually correct, and backs up Danny's point: it is very useful
to be able to use a system that is: deployed, understood, operationally
viable, etc. The risk of designing from scratch is best described by the
lead time many other architectural changes have/are facing in being
deployed.
I think the bottom line is that this infrastructure will allow a security
solution to reach deployment _much_ sooner than a green-field design.
Eric