Re: [Cfrg] Requesting removal of CFRG co-chair

Alyssa Rowan <akr@akr.io> Mon, 23 December 2013 18:49 UTC

Return-Path: <akr@akr.io>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3712E1AE21A for <cfrg@ietfa.amsl.com>; Mon, 23 Dec 2013 10:49:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eh2WhYOZoy0n for <cfrg@ietfa.amsl.com>; Mon, 23 Dec 2013 10:49:37 -0800 (PST)
Received: from entima.net (entima.net [78.129.143.175]) by ietfa.amsl.com (Postfix) with ESMTP id 6B6041ADFD5 for <cfrg@irtf.org>; Mon, 23 Dec 2013 10:49:37 -0800 (PST)
Received: from [10.97.241.245] (94.197.121.110.threembb.co.uk [94.197.121.110]) by entima.net (Postfix) with ESMTPSA id 5EAA7600FD for <cfrg@irtf.org>; Mon, 23 Dec 2013 18:49:32 +0000 (GMT)
User-Agent: K-9 Mail for Android
In-Reply-To: <c60df8ffe6970f6c1b199175526d5c53@mail.gmail.com>
References: <201312212237.rBLMbo5i016331@sylvester.rhmr.com> <5FA05FD6-59A5-40EC-A3F6-A542E37C3224@taoeffect.com> <31D844CE-CCC8-4A4A-90A1-064D7B205E13@taoeffect.com> <CEDB64D7.2B148%paul@marvell.com> <CACsn0ckpB+9GHHb37xJ6BrpK3SL1aPe2-_nPwbDZKMAjMFg0Sg@mail.gmail.com> <8ac4396af38c4be34935361ed36ca5f6.squirrel@www.trepanning.net> <CACsn0c=96TPU5+WbkU=k3=S2r14Oho+frMVJ8zcZoEjXpYS9KA@mail.gmail.com> <e48e9ab7885ad9bd9c35def72ad429d7.squirrel@www.trepanning.net> <52B7E1EF.80808@akr.io> <CABqy+so1weyHXKVLU0LPmv4nWg+E4VN_Z4uCapSASepf+LfQNQ@mail.gmail.com> <7376E700-6334-46A3-AD8E-1EDF9C67DC97@taoeffect.com> <BD34B825-0FC3-4AF8-8C1B-7DD51FB0EB2D@checkpoint.com> <c60df8ffe6970f6c1b199175526d5c53@mail.gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset=UTF-8
From: Alyssa Rowan <akr@akr.io>
Date: Mon, 23 Dec 2013 18:49:26 +0000
To: cfrg@irtf.org
Message-ID: <3939770d-3e37-4117-86e2-2cb063c0a36c@email.android.com>
Subject: Re: [Cfrg] Requesting removal of CFRG co-chair
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Dec 2013 18:49:40 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

William Whyte <wwhyte@securityinnovation.com>; wrote:

>My position is that the NSA's mission includes subverting cryptographic
>standards, and so it is inappropriate for an NSA employee to chair a
>crypto working group in a standards body.
I agree, and feel that it is the core of the issue.

Those apparently arguing in favour of him remaining have seemingly avoided addressing this critical conflict of interest; the elephant in the room. Time for the elephant gun.


Fact: Kevin, the co-chair, works for the NSA. [@nsa.gov]

Fact: The NSA is known (and unanimously agreed) to be attacking the internet via mass surveillance among other means. [IETF 88 T/P]

Fact: As part of that attack, the NSA has a department (apparently 141 personnel strong, with a yearly quarter-of-a-billion US dollar budget) whose task is to subvert crypto standards and implementations. [Snowden, SIGINT Enabling Project budget]

Fact: We do not know what Kevin's tasks are at the NSA, or whether he is part of that department or not.

(My comment: We are unlikely to ever know for certain, without another Snowden: any NSA statement on this would I believe be hard for many to take at face value given their conduct thus far. If he knew of that department's existence, he chose to say nothing; if he did not previously know, it's pretty clear he couldn't fail to know by now, but strangely still has said nothing, despite a rather lively discussion calling for his resignation.)

So:

1. Should Kevin be removed from his co-chair position of this crypto advisory group?

2. If not, why do you think he should remain?

3. How would you expect this crypto advisory group to retain any credibility if it chose to retain an NSA employee as a co-chair, in light of everything now known?


I've made my position clear: he should step down. Please, state yours.
- --
/akr
-----BEGIN PGP SIGNATURE-----
Version: APG v1.0.9

iQI3BAEBCgAhBQJSuIW2GhxBbHlzc2EgUm93YW4gPGFrckBha3IuaW8+AAoJEOyE
jtkWi2t6VhYQAJEaO4nunSPxcwfD2VYVoLlR+Szzn/cQbhrK8q7wj0fax+q0DEJ0
bT8WZWFPxsL6dfRXIRpIT9rodZH4ndP46yTST166MdQQEZfbcwwcD+QVSpjebK7N
SD1X2jSa2hfanItUAfN7GTZxBW3y2tzn+N9z0cFw0dw8NIRzMdYVOHur74JS7k3r
scJMob/So5yOALHB9L8poPyOD9pdPD3WUxkWg993OSoXxTcIFWS1eLzaf7VHlReq
2h72HsaxfCSL/nsSplAgxqgpyJNeLarOotDVYtezO+pBr5qikzifcM6S2wH7uCiF
HCeuNpYmV5A9aJZX4q2YYqLP0bLM4CKEi+uUH6HxN/960s7CFr9dAbiHSPlwGwg2
Dmzc6Z7C/frD5SPVRSyia8vjUJCaSnmIn71cEuz5uV8xRg//vhcCtbrMOtjgXEFn
PvSs+ctNGR845ZdzRwMCGHXqruDnHLOrltTxVwjjcwWEfmXeJCvVmL0U2x2u+KMq
b0h+Dx2QGXxk4a1kwMOLY3sVmHIcA8VHS89vd2QnPgAY6P/VW6pvSWIAKslbmMSE
d8girNDNkA/XWQZTbFY5YEudhLjeRw2GdAVzY7krvwoLDbxbIAFWjwBW5tZjdtvY
E8zc8iQ2eG66C7iDlsJtnXgGA8S1SMuba/iur39zC/66Okx0rBCUSN1D
=I6wY
-----END PGP SIGNATURE-----