[Cryptography] Opening Discussion: Speculation on "BULLRUN"

Samuel Weiler weiler at watson.org
Fri Sep 6 23:01:28 EDT 2013

On Thu, 5 Sep 2013, Phillip Hallam-Baker wrote:

> * Allowing deployment of DNSSEC to be blocked in 2002(sic) by 
> blocking a technical change that made it possible to deploy in 
> .com.

As an opponent of DNSSEC opt-in back in the day, I think this is a 
poor example of NSA influence in the standards process.

I do not challenge PHB's "theory that the NSA has plants in the 
IETF to discourage moves to strong crypto", particularly given John 
Gilmore's recent message on IPSEC, but I doubt that the NSA had any 
real influence on the DNSSEC opt-in debacle of 2003.

First, DNSSEC does not provide confidentiality.  Given that, it's not 
clear to me why the NSA would try to stop or slow its deployment.

Second, as I look at the people who opposed opt-in and the IETF 
working group chairs who made the decision to kill it, I don't see 
likely NSA stooges.  The list of opponents during working group last 
call was so short [1] (as compiled by PHB, back in the day) that I 
thought the working group chairs got the consensus call wrong.  The 
DNSEXT chairs were Randy Bush and Olafur Gudmundsson.  In previous 
years, Olafur had worked for TIS Labs, which had taken plenty of DoD 
money over the years.  Even so, I do not suspect he was influenced by 
the NSA.  Randy has taken money from DHS in more recent years, but I'm 
even more convinced he was not an NSA stooge.  (Randy was the chair 
issuing the opt-in last call and writing the summary.)

Third, many of the opt-in opponents in 2003 seemed to be pretty 
convinced that the lowered security guarantees and extra complexity of 
opt-in were nothing more than a subsidy for Verisign, which could just 
as well throw more money at the problem of signing its large zones. 
One might plausibly argue that Verisign's push for opt-in (and its 
later push for NSEC3) was itself a stalling tactic.  One might even go 
further and say that Verisign initiated such stalling at the behest of 
the NSA.  I would not make that argument, but it is at least as 
plausible as an argument that the opt-in opponents or WG chairs were 
NSA stooges.

Lastly, the US DoD was funding some amount of work on DNSSEC at the 
time (i.e., my own participation).  During that timeframe, significant 
progress was being made on the deployability of DNSSEC, and I think 
the DoD funding helped.  Depending on your whims, you could either 
credit DoD for helping or blame them for not providing even more 
funding, which might have made for faster progress.

So, again, while PHB's general theory might have merit, I think the 
DNSSEC opt-in example is not on point.

Disclosures: I was deeply involved in the IETF's DNSEXT working group 
during this time, and my funding came from non-NSA bits of DoD.  I am 
not aware of any NSA influence in my funding, and I felt no NSA 
pressure in the work I was doing.  I was a vocal opponent of opt-in, 
but in the end I chose to "step aside and let it advance".[2]

-- Samuel Weiler

[1] http://marc.info/?l=namedroppers&m=105145468327451&w=2

[2] http://marc.info/?l=namedroppers&m=104874927417175&w=2

More information about the cryptography mailing list