[Cryptography] The role of the IETF in security of the Internet: for or against the NSA? for or against the security of users of the net?

Tom Mitchell mitch at niftyegg.com
Mon Jul 21 17:34:58 EDT 2014


On Sat, Jul 19, 2014 at 12:26 PM, Dave Horsfall <dave at horsfall.org> wrote:

> On Sat, 19 Jul 2014, Phillip Hallam-Baker wrote:
>
> > There is really no problem with a trusted proxy, the question is
> > whether the proxy is trustworthy or not. Consider the following
> > possibilities:
>
> At the risk of getting my head bitten off for stating the obvious, it
> might be worth demonstrating the difference between a trustworthy system
> and a trusted system rather more succinctly:
>
> A trustworthy system is one that you *can* trust; a trusted system is one
>   <-----!
> that you *have* to trust.
>                           <-----!


This is a good point, it almost addresses the topic....

There are measures of quality and there are measures of policy involved.

An individual schooled in the art may be required (policy) to use a system
he does not trust (technically). i.e. must use but still does not trust.

The policy issue spans three sources: local, transit, receipt.
Technical merit and issues must also span all three and also
reaches up to a fourth policy owner... System and administrative policy
may influence the matrix adding a third dimension.  i.e. system
administrative policy may disallow building raw packets or block access
to port numbers below some set limit.  Transit policy may block
famous ports the way many ISPs block port 25 and other server ports.

In the end the best available will be the best common to all but not the
best possible.

Case in point: most companies have a policy of using a Windows OS and
using a specific mail service... and using a specific archive system.

This is a richer topic than the grade school lesson "can I" and "may I".
And grammar police on the internet make it clear how well that distinction
is made... and how difficult the more complex topics of interoperability,
quality, suitability and technical merit devolve into marketing fluff.

-- 
  T o m    M i t c h e l l