[Cryptography] The role of the IETF in security of the Internet: for or against the NSA? for or against the security of users of the net?

Paul Wouters paul at cypherpunks.ca
Mon Aug 11 10:30:33 EDT 2014


On Mon, 11 Aug 2014, James A. Donald wrote:

>> Can you give an examples of such deception?
>
> http://www.theregister.co.uk/2014/01/08/nsa_bod_crypto_standard_co_chair_controversy/
>
> A clear consensus was clearly ignored.

If that was consensus ignored, then the cryptography lists themselves are one
consensus posting after the other :)

You are clearly confusing loud groupies with consensus.....

The IETF/CRFG process caught the mistake of dragonfly. So isn't this a
success story? The IETF/IRTF is one the most open organisation I've ever
worked with. It allows the enemies to join in, but collectively we have
the best chance of defeating any cryptography attacks against our open
proposals. Once you start filtering people based on affiliation, where
does it end? NSA? USG? Russia? China? Israel? Cisco? Huawei? Checkpoint?
How about former NSA people like Roger Dingledine, Dave Aitel or Snowden?

I completely fail to see your "clear consensus".

If you start to exclude everyone that disagrees with your opinion,
you'll end up with an empty group to make decisions. Of course, that
group of one will make the perfect decisions for _your_ world.

I mean, the "crypto community" can't even form a consensus on a single
mailing list to use, so I'm not very tempted to suggest IETF change
towards this crypto-anarchist model :)

Paul


More information about the cryptography mailing list