[Cryptography] Boing Boing pushing an RSA Conference boycott
ianG
iang at iang.org
Wed Jan 15 06:15:31 EST 2014
Hi Steve,
I beg to differ!
On 14/01/14 12:21 PM, Stephen Farrell wrote:
>
>
> On 01/14/2014 07:01 AM, ianG wrote:
>>
>> ... the IETF. They have truly not served
>> us. We should have had opportunistic SSL covering the planet by now,
>> and that would have been a fantastic defence against the worldwide
>> surveillance -- it would have shifted the NSA to an active attack, which
>> would have been eventually detected.
>
> TLS has always included anon-dh ciphersuites, going back to 1996
> at least. [1] It could be interesting to think about why fewer
> protocols wanted to use that, and why its not been implemented
> and deployed widely, but its in the protocol and always has been.
Yes. Why is anon-dh there in TLS but not covering the planet?
Opportunistic crypto (more like Self-signed Certs) is there in SSH, and
SSH *is covering the planet* !
>> They're still sitting there doing the work of the companies and not the
>> work of the people. What success have the IETF committees brought us,
>> other than to surface the corporate wars?
>
> I have no idea what that's supposed to mean, other than
> being a pejorative.
It's bad, I grant. It's a rhetorical question, it's supposed to
indicate that IETF doesn't actually have a good track record here...
Write them down, successes v. failures, left v. right.
> And 'committees' is plain wrong, IETF
> WGs are mailing lists to which anyone can contribute, quite
> like this one, but with some more structure because they
> exist to produce output. But the IETF is far from perfect
> of course.
A WG achieves the same result as a committee. Of course they are not
committees, anyone can join. But we get the same effect, it's a zebra
without stripes, or is it a horse with stripes?
> Anyway, if you want to change the IETF then you can do that
> simply by being involved.
"Getting involved" is the reason why TLS opportunistic encryption is not
covering the planet.
Although widely criticised for its crypto, SSL v1 was opportunistic
until certain financially interested parties (remember their names?
infamous now) forced Netscape to "get involved" and get certified before
it had got enough traction. Since then, those that are "involved" have
made sure that there is no change.
> If you want to just tell the IETF
> how to change from the sidelines, then you can even do that,
> you've a day and a bit left to submit a position paper. [2]
> (I do think it'd be good to have some position papers from
> outside the usual consensus so I do mean that.)
"The Vancouver IETF plenary concluded that pervasive monitoring
represents an attack on the Internet, and the IETF has begun to carry
out various of the more obvious actions required to try to handle this
attack. "
We've been here so many times. OK, so here's what's going to happen.
The people at the event will agree to try more stuff, they'll hear more
presentations, and there will be a general move to accept more thinking
about opportunistic crypto.
Once the declaration of consensual outrage is done, the WGs will ignore
it totally. They'll get back to their fiddling around with MD5 fires
and beastly breaches and what have you. PKIX will not support
opportunistic. The vendors won't do a thing, because they can't change
anything without leadership from the WG, who they "involve" to control.
And if anyone convinces the WG to actually shift and say something like
"all servers must now offer anti-mass surveillance suites," then the
vendors will say, oh, and now you have to convince the vendor's
associations... get involved!
The IETF cannot be presented with a position paper describing the
problem because the IETF is part of the problem, and nobody wants to
hear it who has already taken the investment to participate.
iang
> [1] http://tools.ietf.org/html/draft-ietf-tls-protocol-00
> [2] https://www.w3.org/2014/strint/
More information about the cryptography
mailing list