Re: [Cfrg] Requesting removal of CFRG co-chair

Natanael <> Mon, 23 December 2013 16:17 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id EEE401ADF7D for <>; Mon, 23 Dec 2013 08:17:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, LOTS_OF_MONEY=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id puskMrx0JcgO for <>; Mon, 23 Dec 2013 08:17:45 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c05::22f]) by (Postfix) with ESMTP id 6573F1ADF52 for <>; Mon, 23 Dec 2013 08:17:45 -0800 (PST)
Received: by with SMTP id hi5so11085935wib.8 for <>; Mon, 23 Dec 2013 08:17:41 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=pY9MzA0iGS2kC3CADCWAmIqOlyf9DbUemABS2T5yVuo=; b=Woy3wn/zWT6GOKEFrFLyPwGZFO2HOY4HHAdEHZnVwEVa/POmlvDa2mqKoKuMKEtqhi h/a2WqXsT3uM/Vag2XuQWLyZUTHKwpWQZV0iukUxttHvbH4WwuV7CUDKtAy9//epytDZ YMZkHYzsH7eGzXmfeucOBsNAdWVw9sS4BKHEmZYeGgevHg9o4ww0+CFtHoneimnjgS7r 4Z6KF9yUH8diuvvytbbF5bBnEfPasmBuF1ByqNHHGeqfWZSvu4A6NUN0llXUq92OrPAR xvyZVUdI2t5d8u+uqN/qPa1x9xGc0xMCvlgAPBiuuRKfUO6G0A9StEWDrbbWuzkoyfKn TszQ==
X-Received: by with SMTP id xl6mr19094236wib.43.1387815461584; Mon, 23 Dec 2013 08:17:41 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Mon, 23 Dec 2013 08:17:21 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
From: Natanael <>
Date: Mon, 23 Dec 2013 17:17:21 +0100
Message-ID: <>
To: Yoav Nir <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: "" <>
Subject: Re: [Cfrg] Requesting removal of CFRG co-chair
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 23 Dec 2013 16:17:48 -0000

Considering that NSA is claimed to have paid the company RSA $10
million to put the backdoored RNG dual EC as default in BSAFE after it
was standardized (you probably all have heard of these news now),
which lots of companies use, are you *really* sure there are no issues
here that isn't obvious hidden here? Getting it approved in the TLS
standard could be just what they need to get it through the doors in
some place where those potential exploits that the protocol suffers
from (such as timing) are exactly what they need.

Can anybody here show with reasonable certainty that it's not going to
be a security risk anywhere?

On Mon, Dec 23, 2013 at 5:09 PM, Yoav Nir <> wrote:
> On Dec 23, 2013, at 5:21 PM, Tao Effect <>
>  wrote:
>> On Dec 23, 2013, at 3:57 AM, Robert Ransom <> wrote:
>>> I note that none of the few people who are speaking in defense of
>>> Kevin Igoe have even acknowledged the specific acts that Trevor Perrin
>>> listed at the beginning of this thread, much less tried to refute the
>>> charges or defend Mr. Igoe's acts.
>> Excellent observation! Instead of doing that, the response has been that a "witch hunt" is taking place, and that this is all based on "conspiracy".
>> And yet, neither of those claims is true.
> It sure seems like it. More than one person on this list has stated that this is nothing personal, but an employee of the NSA (one of tens or hundreds of thousands) is automatically disqualified from chairing a working group.
> The arguments against him are the kind that are leveled against IETF working group chairs on a regular basis - that they see consensus where consensus does not exist. Such arguments are easy to prove or disprove, because the mailing lists are public. I've seen plenty of arguments about whether the two people + author who liked the proposal vs the one person who asked a question and never replied to the list again constitute "consensus". None of those arguments resulted in a petition to remove the chair. I can only conclude that Kevin is getting special treatment because of his organizational affiliation, which IMO sets a very bad precedent.
> For the sake of argument, I will concede that all the accusations made are true: that (other than Dan) Kevin had the only message to the CFRG list with a favorable opinion of Dragonfly and that he presented that in a private message to the TLS chairs as "CFRG is fine with this algorithm". This could at worst be construed as mismanagement. Yet people present this as a malicious attempt by the USG to subvert the standards process so that people authenticate with a method that leaks timing information?  At the TLS layer or all places. That accusation is baseless and makes no sense for several reasons:
>  - Nobody uses passwords at the TLS layer. A PAKE has been defined for years, and it's implemented in the most popular library. Nobody cares (sorry, Dan)
>  - If the USG is spending money subverting the standards process to standardize a vulnerable password-in-TLS method, Americans should be worried - it's a monumental waste of their tax dollars.
>  - The widespread surveillance that the Snowden documents revealed was all done with no cryptography. It was all done by gaining access to the plaintext or gaining access to keys. The agent trying to sabotage the standards process would not be a cryptographer with an email. They'd be more surreptitious about it. (yeah, I know - that's what they'd like me to think)
> I don't know Kevin personally, and have never exchanged a word or an email with him, but I believe that he is the target of a witch hunt.
> Yoav
> _______________________________________________
> Cfrg mailing list