[Cryptography] The role of the IETF in security of the Internet: for or against the NSA? for or against the security of users of the net?

[ianG]

On 21/03/2014 01:01 am, Bill Frantz wrote:
> On 3/17/14 at 4:15 PM, nico at cryptonector.com (Nico Williams) wrote:
> 
>> And BTW, the IETF doesn't always do design by committee, the IETF
>> standardizes protocols that participants want to; if you bring a fully
>> formed protocol to the IETF that the community is interested in then
>> they'll standardize it after reviewing it -- chances of zero changes
>> are low, but the design will not have been by committee.
> 
> I have been following the TLS committee for many years. It appeared to
> me that the organizations which captured it were the certificate
> authority companies, not NSA moles.


This is pretty clear, yes.  The IETF model allows capture by an industry
group.  Some would say that is the model -- to allow the industry to
reach consensus with some semblance of openness.  Fine.

Industry groups have their own interests, which might or might not align
with the Internet community.  And, industry groups are far more easily
aligned to national interests than some wild internet bunch.


> They were the people who blew off my
> suggestion of having key continuity in browsers so the browser noticed
> when a site's public key changes. They said in essence, "But how to you
> handle the cold introduction problem?"

Like everyone, PKI employees work from a script.  We aren't any
different, when standard complaint A turns up, we roll out standard
response A' and move on, job well done.

After a while you start to learn the script.  Only once you've learnt
the script can you start to think more deeply, start to figure out what
is behind the script, what are the metrics that really matter, what is
the objective.

With CAs, and the others, it is pretty clear that the employees are in
it for the job.  It's not personal or anything; their primary objective
is to protect their paycheck.

There's nothing wrong with this at the individual level, and it is no
different outside that business (we haven't seen a rush of disclosures
or whistleblowing from Facebook, google, MS, Dropbox, Skype, Intel, etc...).

As someone said recently, in such a situation, we may have to find a
better incentive for them.  (It's an option, of many.)


> In the post Snowdon era, most TLS
> contributors recognize that there are significant weaknesses in the CA
> model.

Sure.  In the military, we always say, "what's the mission?"  Without
that, the military process fails.

In this context, who are we trying to protect?  Against what?  At what
level of cost and risk?


> The group is beginning to discuss TLS3. There is a movement to work with
> competing drafts to avoid the "by committee" problems.


I could have sworn that said "by competition" when I first read it :)

> If anyone has
> interest in influencing the discussions, the proper place is:
> 
>     TLS mailing list
>     TLS at ietf.org
>     https://www.ietf.org/mailman/listinfo/tls
> 
>> Really, the
>> IETF has its faults, and who knows, maybe there are NSA/GCHQ moles
>> pushing the consensus around, but please don't let's generalize so
>> broadly.
> 
> I agree. The IETF is the most open standards organization I know.


Yep.  Compared to CABForum, IETF is the dream team.



iang