Abstract-Access to Internet services is granted based on application-layer user identities, which also offer accountability. The revered layered network model dictates a disparate networklayer identity scheme for systems. We challenge this religious layered model adherence by demonstrating the practical benefits derived from a cross-layer identity scheme. Instead of a rigid identity, our malleable identity (MI) scheme empowers a traffic originator to fine-tune, on a per-case basis if necessary, her 3rd-party issued identity attributes embedded in an identity voucher (IV). When tagged to traffic, IVs benefit users, the Internet and services. A user can (a) control her traffic identifiability, ranging from anonymous, pseudonymous to personallyidentifiable through attributes fine-tuning and (b) enjoy Internetwide Single-Sign On (SSO) to network-layer Internet resources and application-layer services through IV persistence, without privacy loss naturally associated with SSO. The Internet and services can prioritize traffic, using IV attributes, as defense against Denial-of-Capability (DoC), Distributed Denial-of-Service (DDoS) and Border Gateway Protocol (BGP) prefix hijack/route forgery. MI is protocol/architecture-agnostic, and backwards/forwards compatible
