[Cryptography] Boing Boing pushing an RSA Conference boycott

Stephen Farrell stephen.farrell at cs.tcd.ie
Wed Jan 15 07:26:33 EST 2014



On 01/15/2014 11:15 AM, ianG wrote:
> Hi Steve,
> 
> I beg to differ!

Fair enough.

> Yes.  Why is anon-dh there in TLS but not covering the planet?

Yep, a good question. And one I can't answer. I don't
recall if the SSL surveys count servers that can do
anon-dh ciphersuites but that'd be a start.

>> Anyway, if you want to change the IETF then you can do that
>> simply by being involved.
> 
> "Getting involved" is the reason why TLS opportunistic encryption is not
> covering the planet.

There we disagree again. I figure most people didn't
want anon-dh because they wanted at least web server
authentication and we also wasted a lot of time on
trying to push TLS client auth, which was probably
more of a disconnect between security folks and
(web) application developers. Anyway, I don't think
there is one single reason for pretty much anything
as complex as what does or does not get widely
deployed.

> We've been here so many times.  OK, so here's what's going to happen.

[...maybe-realistic pessimism elided;-) ...]

Perhaps you're right, and maybe I'm naive, but I think
we should try nonetheless. I guess we'll see how it
comes out in a few years. If I'm right I hope things
will be variously better. If I'm wrong it'll be more
or less the status quo or worse, but I think that last
is the inevitable outcome if we take your approach
and don't engage.

All that said, the IETF is just one bit of the whole
thing, so working outside that context is just as
valid.

S.


