Re: [arch-d] Time to reboot RFC1984 and RFC2804?

Stewart Bryant <> Tue, 13 October 2020 13:34 UTC

From: Stewart Bryant <>
Date: Tue, 13 Oct 2020 14:34:45 +0100
Cc: Stewart Bryant <>, Andrew Campling <>, Christian Huitema <>, John C Klensin <>, Brian E Carpenter <>, "" <>
To: Stephen Farrell <>

> On 13 Oct 2020, at 14:17, Stephen Farrell <> wrote:
> Hiya,
> On 13/10/2020 13:48, Stewart Bryant wrote:
>> Stephen,
>> Those governments are looking for ways to stop real harm to real
>> people.
> Some are, yes. That is not all they are interested in doing
> of course (they all do like a bit of spying here and there:-)
> and all that varies enormously from one to another government.
> Some governments want these changes in order to do what I would
> call harm.

Engineering calls for a pragmatic balance of results and costs.

From where I sit, I see a significant downside in allowing bad people to do bad things to innocent people.

>> We have to accept that we have unintentionally played a part in
>> causing some of that harm.
> And a lot of good. IMO, on balance, and after having done
> this stuff for >3 decades, I'm happy that we've done overall
> far more good (with crypto in protocols) than harm. (That
> doesn't include surveillance capitalism, but that isn't the
> same issue.)
>> So the problem that we have a moral responsibility to address is to
>> find methods that stop or minimise those harms.
> I don't accept that. The "we" isn't clear, but what
> does seem clear is that meeting the requirements posed
> is (IMO anyway) likely to do more harm. I've never
> seen any proponent of borked crypto do a proper analysis
> of the damage that would be done - they almost always
> seem to approach it as mostly a PR exercise and so go
> straight to the "think of the children" and "what about
> the terrorists" talking points.

Well I am certainly concerned about those two groups.

So the interesting question is whether there is any other way of addressing the requirement without borking the crypto, at least for the majority of applications used by those causing the harm.

>> The problem may be hard but so were many other problems that we now
>> take for granted as solved.
> I didn't say "hard." I said "squaring the circle." The
> latter isn't possible and is much more like the "magic"
> that is being asked for, and has been asked for since
> the Clipper days, without any technical progress at all
> in those 25 years.

Ah, but that is my point. Maybe we cannot exactly square the circle, but perhaps, if we look at the problem in the right way, we can create a sufficiently close approximation that it satisfies the requirement?


> S.
>> Stewart