Re: [Cfrg] NSA sabotaging crypto standards
"Eggert, Lars" <lars@netapp.com> Thu, 06 February 2014 16:20 UTC
Return-Path: <lars@netapp.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7626C1A0143 for <cfrg@ietfa.amsl.com>; Thu, 6 Feb 2014 08:20:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.437
X-Spam-Level:
X-Spam-Status: No, score=-7.437 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.535, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ydhQfmAKuE2c for <cfrg@ietfa.amsl.com>; Thu, 6 Feb 2014 08:20:26 -0800 (PST)
Received: from mx1.netapp.com (mx1.netapp.com [216.240.18.38]) by ietfa.amsl.com (Postfix) with ESMTP id 496D91A03C5 for <cfrg@irtf.org>; Thu, 6 Feb 2014 08:20:26 -0800 (PST)
X-IronPort-AV: E=Sophos; i="4.95,793,1384329600"; d="asc'?scan'208"; a="306010084"
Received: from vmwexceht03-prd.hq.netapp.com ([10.106.76.241]) by mx1-out.netapp.com with ESMTP; 06 Feb 2014 08:20:25 -0800
Received: from SACEXCMBX01-PRD.hq.netapp.com ([169.254.2.211]) by vmwexceht03-prd.hq.netapp.com ([10.106.76.241]) with mapi id 14.03.0123.003; Thu, 6 Feb 2014 08:20:24 -0800
From: "Eggert, Lars" <lars@netapp.com>
To: "Manger, James" <James.H.Manger@team.telstra.com>
Thread-Topic: NSA sabotaging crypto standards
Thread-Index: AQHPI0wyNwZIyRl9aU6ZyV2CKP87E5qo7jCA
Date: Thu, 06 Feb 2014 16:20:23 +0000
Message-ID: <570B8BE5-1362-4D08-A22D-FE86FC4A77DC@netapp.com>
References: <20140203192451.6268.76511.idtracker@ietfa.amsl.com> <7af2f9df96e5867d493c614806235363.squirrel@www.trepanning.net> <CACsn0cm1f-P95je5AbEbZ02Ut3+HM7Hx28P6j46TqE-=06eZDg@mail.gmail.com> <52F00EF3.3040505@cisco.com> <CACsn0c=zS5GKex3eF_hKgTsL1kH=TiBi3iAP9oMrJ9hDQcT4Gw@mail.gmail.com> <7BAC95F5A7E67643AAFB2C31BEE662D018B81B7DE5@SC-VEXCH2.marvell.com> <CACsn0cn0TaHsDkyN2ewOorxxBzXivCg=QGR-ZnBiC3nJhvhpRg@mail.gmail.com> <14AB44E0-4C90-4E4C-A656-885A31CF4C02@checkpoint.com> <CACsn0cmDT-FAN8uMZ0w8TX6GKPAZjnrexLeFQd7QhRfoY6AGFQ@mail.gmail.com> <75e1e853dc391b418062ee5e51adeb2f.squirrel@www.trepanning.net> <CABqy+sr7ZKrACj4Ga2_75d9Kea0aKbrp2P5fWWu4YZP53zijxw@mail.gmail.com> <CACsn0cmS152wYQWHiX8ykzaMM=6b=r=fwVuLfPj_u0wmoq0jKw@mail.gmail.com> <7BAC95F5A7E67643AAFB2C31BEE662D018B81B7F7C@SC-VEXCH2.marvell.com> <CACsn0c=a5PvZOZgVRjHaJ2avGCPHF6b6nOpNh+iT0909X-jUFA@mail.gmail.com> <52F23D52.4090509@cisco.com> <EFA9E215-3B01-43C6-A8F0-3F98E3ED2E26@netapp.com> <255B9BB34FB7D647A506DC292726F6E1153AD4CF05@WSMSG3153V.srv.dir.telstra.com> <3E30D764-7E19-45DB-9D6D-63949F5B36CB@netapp.com> <255B9BB34FB7D647A506DC292726F6E1153AE65F2E@WSMSG3153V.srv.dir.telstra.com>
In-Reply-To: <255B9BB34FB7D647A506DC292726F6E1153AE65F2E@WSMSG3153V.srv.dir.telstra.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.106.53.51]
Content-Type: multipart/signed; boundary="Apple-Mail=_FBCA8319-1FD7-4EB6-BF1D-B4FA324A2686"; protocol="application/pgp-signature"; micalg="pgp-sha1"
MIME-Version: 1.0
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] NSA sabotaging crypto standards
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 06 Feb 2014 16:20:29 -0000
Hi, I want to respond to a few of your points. I won't get into a prolonged debate here. On 2014-2-6, at 16:00, Manger, James <James.H.Manger@team.telstra.com> wrote: >> The CFRG is not a standards group. It does not produce standards. > > These look and smell like standards to me, and this is where they are worked on. <snip> but they aren't. By definition, the IRTF does not produce standards, and the first sentence of the boilerplate of any IRTF RFC says This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation. and then goes on to state even more caveats. That's about as clear as we can be. >> As an individual, I am fully in favor of making widespread wiretapping >> as difficult and costly as possible, and I am very supportive of >> anything the IETF and IRTF can do here. > > NSA have been sabotaging crypto standards. This is separate from widespread wiretapping. Fair point. I would also be in favor of any action that would make it more difficult for anyone to subvert the work we do. I still do not believe that replacing Kevin as chair would actually serve that purpose. > Removing Kevin Igoe will be a concrete statement that we find the NSA sabotage of crypto standards unacceptable. No, it wouldn't. It would be a demonstration that we believe in guilt by association. We'd make Kevin the scapegoat, irrespective of the fact that his personal actions do not warrant such a removal. If the CFRG wants to make a statement about the actions of the NSA, then it can certainly do exactly that, i.e., folks can craft text to that effect and then the group can see if it has consensus to publish that statement. (The IETF did make such a statement via the Vancouver plenary poll.) >> Eliminating groups of people from participating >> because of their current or past employment status, or based on whom >> they consulted for or took research grants from weakens that open >> process. > > We are not eliminating groups, we are saying we strongly object to one organization's actual behaviour. > My understanding is that Kevin Igoe is a current employee of the NSA, paid (at least in part) to work on crypto standards. > >> past employment status >> consulted for >> took research grants > > No one is suggesting anything about those categories. > Listing them feels like an attempt to invoke an imaginary slippery slope as an excuse not to act. You are arguing to remove Kevin based on his affiliation. I'm therefore guessing you have similar concerns about other current NSA employees. And possibly the other groups I listed above, since their financial relationship with the NSA could be argued to influence their participation. The slippery slope is not an excuse - where do you draw the line? All that said, I fully understand people's anger at the action's of the NSA, and I do share it. I also understand the impulse to want to do something. But I don't consider punishing an individual contributor to the group for the actions of his employer an appropriate action. I also do not believe that the solution lies in preventing individuals from contributing solely based on their affiliation. Lars
- [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-03.t… internet-drafts
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… David McGrew
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Paul Lambert
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Yoav Nir
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Mike Hamburg
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Dan Harkins
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Robert Ransom
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Watson Ladd
- Re: [Cfrg] I-D Action: draft-irtf-cfrg-dragonfly-… Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Paul Lambert
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Michael Hamburg
- Re: [Cfrg] 2^40. I can't exhibit it, but it exist… Watson Ladd
- [Cfrg] publishing dragonfly (was: Re: 2^40. I can… David McGrew
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Manger, James
- Re: [Cfrg] publishing dragonfly (was: Re: 2^40. I… Eggert, Lars
- [Cfrg] NSA sabotaging crypto standards Manger, James
- Re: [Cfrg] NSA sabotaging crypto standards Alexandre Anzala-Yamajako
- Re: [Cfrg] how can CFRG improve cryptography in t… Rob Stradling
- Re: [Cfrg] NSA sabotaging crypto standards Eggert, Lars
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Paul Hoffman
- Re: [Cfrg] NSA sabotaging crypto standards David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Dan Harkins
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] NSA sabotaging crypto standards Nikos Mavrogiannopoulos
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] NSA sabotaging crypto standards Watson Ladd
- [Cfrg] how can CFRG improve cryptography in the I… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] NSA sabotaging crypto standards Blumenthal, Uri - 0558 - MITLL
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… dan
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Daniel Kahn Gillmor
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Stephen Farrell
- Re: [Cfrg] how can CFRG improve cryptography in t… Tom Ritter
- Re: [Cfrg] how can CFRG improve cryptography in t… Igoe, Kevin M.
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… Hannes Tschofenig
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew
- Re: [Cfrg] how can CFRG improve cryptography in t… Paul Lambert
- Re: [Cfrg] how can CFRG improve cryptography in t… Watson Ladd
- Re: [Cfrg] how can CFRG improve cryptography in t… Rene Struik
- Re: [Cfrg] how can CFRG improve cryptography in t… Geoffrey Waters
- Re: [Cfrg] how can CFRG improve cryptography in t… S Moonesamy
- Re: [Cfrg] how can CFRG improve cryptography in t… David McGrew