Re: [Cfrg] Requesting removal of CFRG co-chair

Alyssa Rowan <> Sat, 21 December 2013 14:40 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 896471ADAEA for <>; Sat, 21 Dec 2013 06:40:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id wQW0T9LBGuPI for <>; Sat, 21 Dec 2013 06:40:20 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 792341ADED5 for <>; Sat, 21 Dec 2013 06:40:20 -0800 (PST)
Received: from [] ( []) by (Postfix) with ESMTPSA id 7274260A12 for <>; Sat, 21 Dec 2013 14:40:16 +0000 (GMT)
Message-ID: <>
Date: Sat, 21 Dec 2013 14:40:19 +0000
From: Alyssa Rowan <>
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Subject: Re: [Cfrg] Requesting removal of CFRG co-chair
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 21 Dec 2013 14:40:23 -0000

Hash: SHA512

[Cross-posting ceased, in light of Lars' message: he'll read the list.]

On 21/12/2013 08:28, Dan Harkins wrote:

> This request is FUD on top of innuendo.
> The added implication of a conspiracy theory should be all the more
>  reason to reject it.

With all due respect, it is simply pointing out an elephant in the room:

• The NSA have been publicly documented, and caught, manipulating and
  subverting cryptographic standards to weaken them.

  - It is a publicly-documented fact being discussed by an oversight
    panel who are recommending that the President stop the NSA doing

  - That unavoidably logically implies that they're doing it now.

  - Not a conspiracy theory therefore: documented fact.

  - It was specifically discussed at the IETF 88 Technical Plenary.
    If you are unfamiliar with that discussion, and the resulting hums,
    please look it up. <>

• If a nation state adversary were doing such a thing, they would
  probably target (among others) this group, which is chartered with
  evaluating cryptographic standards for internet protocols.

  - Ideally, they would hold a position of power, being able to guide
    the committees into making decisions that are to their advantage,
    provide bad advice that will be trusted in light of his position,
    or misrepresent consensus that could be interpreted as mere error.

• Well, the co-chair of this group - literally - works for the NSA.

• We're gonna have a problem here.

It is a crystal-clear, indefensible, classic conflict-of-interest -
Kevin M. Igoe literally works for an attacker we are trying to defend

I mean no disrespect to him as a person: please record that. But I'm
sure that if he is being honest, he will understand the concerns, and
gracefully resign his position.

He might be an ethical fellow, and dislikes how their SIGINT appears
to have fatally undermined their COMSEC. Sadly, I don't KNOW that; and
the trouble is, it raises the highly uncomfortable, but sadly
unavoidable, impression that he could instead be employed to undermine
the work of this group.

In light of what we do know about BULLRUN, it is entirely reasonable
for us to be uncertain, and to doubt, whether Kevin is working in the
best interests of the internet.

And it is reasonable for us to fear that instead, he may be working in
the best interests of his employer - which, sadly, appear in light of
IETF 88 and related discussions, to have been in direct conflict.

He has to go. Nothing personal.

> I am extremely sorry that my draft seems to have caused the CFRG 
> chairs to be the target of these accusations.

IETF 88 specifically addressed the importance of public oversight and
scrutiny in the evaluation of cryptographic standards.

So, on the contrary, I am extremely glad that the effect of your draft
was a fresh round of public scrutiny and oversight. Thank you for that.

[Just to clarify: One of the co-chairs, Kevin M. Igoe, openly works for
 the NSA and is the source of raised concern here. I have no cause for
 concern about the other co-chair, David McGrew, who works for Cisco.]

> The protocol in question, dragonfly, does not have any security 
> flaws that would cause it to be inappropriate as a TLS cipher
> suite.

I note that you feel protective, even hotly defensive, of your work.
Others have raised concerns which appear to remain insufficiently
addressed. Beyond that, I won't comment within this discussion.

- --