[Cryptography] The role of the IETF in security of the Internet: for or against the NSA? for or against the security of users of the net?

ianG iang at iang.org
Tue Jul 22 10:25:49 EDT 2014 

On 22/07/2014 15:12 pm, Trevor Perrin wrote:
> On Tue, Jul 22, 2014 at 3:11 AM, ianG <iang at iang.org> wrote:

>> How do we address this?  Well, I reckon the only answer for an
>> organisation like IETF is to look to competitions with winner take all.
>>  But they have to be open competitions, and the rules have to be open,
>> not stacked in advance such as is happening with TCPinc.
> 
> I feel much the same, but your proposal is naive - IETF insiders are
> opposed to competitions.  For example, see the discussion around TLS
> 1.3 process:
> 
> http://www.ietf.org/mail-archive/web/tls/current/msg11657.html
> 
> http://www.ietf.org/mail-archive/web/tls/current/msg12023.html
> 
> If I was cynical, I might say it's because competition means less
> control for the leadership, and less opportunity to buy support by
> letting everyone throw their pet ideas in.
> 
> If I was generous, I'd say it's because the IETF process only backs
> into "competitions" when the committee process runs into hard
> questions and splinters into competing camps.  Lacking decision-making
> mechanisms the resulting chaos is painful, scarring, and something the
> leadership has an instinct to avoid.


Hmm.  I see the flaw.  For a competition to work, we need a dictator to
decide the winner.  And a deadline.


>> (The dictator approach solves the design mess, but it doesn't solve the
>> fight for power within the WG, indeed it probably makes it as bad or worse.)
> 
> At best an IETF WG *is* a small and dictatorial design group, plus a
> suggestion box for random supplicants to toss ideas in.

;)

> Sometimes such a group does good, sometimes it doesn't.  But if you
> want competition and meaningful alternatives you're going to have to
> find that outside the process, rather than inside it.


Then I suggest -- naively indeed -- that the IETF designate external
non-IETFers as the jury to decide the winner.  Use a conclave method,
lock them in the church until they come out with a winner. Bread & water
only, small pieces of paper to burn...

You're right.  They'll never do that.  Outside it is then.



iang

More information about the cryptography mailing list