[Cryptography] open questions in secure protocol design?

ianG iang at iang.org
Tue May 26 10:35:29 EDT 2015 

On 26/05/2015 14:44 pm, Stephen Farrell wrote:
>
>
> On 26/05/15 14:35, Ben Laurie wrote:
>> The way CT works is neither 1TCS nor agility - if you want to change
>> ciphersuite, you start a new log. So, it seems there are other parts of the
>> design space...
>>
>
> Well yes and no. Yes, CT handles this differently from e.g. TLS and
> that's fine. No, in that 1TCS is just a broken concept and hence is
> not IMO part of any rational design space in the real world. 1TCS is
> part of the rhetorical landscape but not a real design choice.



I sense a little over-reaction here.  1TCS is part of the real world, 
it's been used, and it does the job.



What we might disagree on is which parts of the world are better suited 
to which pattern.  Clearly, the TLS camp is very well entrenched, so we 
can probably agree to call the TLS school one of the end points in the 
spectrum.

If we look at all the places where 1TCS works, it might be that it is a 
bit of everywhere, but the thing that stands out (for me) is that it 
works far better when you don't have to worry about world-wide scale, 
competition, permission, approval, consensus and all that.

E.g., PGP1,2 were happy with it, and it was only when PGP grew up and 
entered the OpenPGP working group that it acquired the agile mojo. 
Bitcoin are happy with it, and as a curious aside, they also promote the 
'practice' that all miners should use only the one body of code.

So we might end up saying that the same designs that need IETF would 
also prefer agility.  I see correlation there.  Maybe, there's an 
underlying causality.

But I wouldn't say that the IETF causes agility, no more than I'd say 
that agility is the cause of the IETF or that the IETF is the owner of 
all rationality and design space and protocols and everything.  That 
would be ... an overstretch.

More likely there is an underlying factor that is causal.  Something 
about the way the IETF is constructed is also something about why the 
people found at IETF need agility.



iang



ps; does anyone know what the NSA's view on this is?  Yes, I know, then 
you have to kill me, but all in the pursuit of knowledge!

More information about the cryptography mailing list