[Cryptography] Opening Discussion: Speculation on "BULLRUN"
Jeffrey I. Schiller
jis at mit.edu
Sat Sep 7 19:52:44 EDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, Sep 07, 2013 at 09:14:47PM +0000, Gregory Perry wrote:
> And this is exactly why there is no real security on the Internet.
> Because the IETF and standards committees and working groups are all
> in reality political fiefdoms and technological monopolies aimed at
> lining the pockets of a select few companies deemed "worthy" of
> authenticating user documentation for purposes of establishing
> online credibility.
> Encrypting IPv6 was initially a mandatory part of the spec,
> but then it somehow became discretionary. The nuts and bolts of
> strong crypto have been around for decades, but the IETF and related
> standards "powers to be" are more interested in creating a global
> police state than guaranteeing some semblance of confidential and
> privacy for Internet users.
I’m sorry, but I cannot let this go unchallenged. I was there, I saw
it. For those who don’t know, I was the IESG Security Area Director
from 1994 - 2003. (by myself until 1998 after which we had two co-AD’s
in the Security Area). During this timeframe we formed the TLS working
group, the PGP working group and IPv6 became a Draft Standard. Scott
Bradner and I decided that security should be mandatory in IPv6, in
the hope that we could drive more adoption.
The IETF was (and probably still is) a bunch of hard working
individuals who strive to create useful technology for the
Internet. In particular IETF contributors are in theory individual
contributors and not representatives of their employers. Of course
this is the theory and practice is a bit “noisier” but the bulk of
participant I worked with were honest hard working individuals.
Security fails on the Internet for three important reasons, that have
nothing to do with the IETF or the technology per-se (except for point
1. There is little market for “the good stuff”. When people see that
they have to provide a password to login, they figure they are
safe... In general the consuming public cannot tell the
difference between “good stuff” and snake oil. So when presented
with a $100 “good” solution or a $10 bunch of snake oil, guess
what gets bought.
2. Security is *hard*, it is a negative deliverable. You do not know
when you have it, you only know when you have lost it (via
compromise). It is therefore hard to show return on investment
with security. It is hard to assign a value to something not
2a. Most people don’t really care until they have been personally
bitten. A lot of people only purchase a burglar alarm after they
have been burglarized. Although people are more security aware
today, that is a relatively recent development.
3. As engineers we have totally and completely failed to deliver
products that people can use. I point out e-mail encryption as a
key example. With today’s solutions you need to understand PK and
PKI at some level in order to use it. That is likely requiring a
driver to understand the internal combustion engine before they
can drive their car. The real world doesn’t work that way.
No government conspiracy required. We have seen the enemy and it is...
Jeffrey I. Schiller
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue Room E17-110A, 32-392
Cambridge, MA 02139-4307
617.910.0259 - Voice
jis at mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the cryptography