Re: [Cfrg] Requesting removal of CFRG co-chair

Stephen Farrell <> Tue, 24 December 2013 02:36 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id F06B41AE382 for <>; Mon, 23 Dec 2013 18:36:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.438
X-Spam-Status: No, score=-2.438 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 8YVqG-tdh-sn for <>; Mon, 23 Dec 2013 18:36:05 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 4134D1AE375 for <>; Mon, 23 Dec 2013 18:36:05 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id E3702BE58; Tue, 24 Dec 2013 02:36:00 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id o1E7Ow8IoY8r; Tue, 24 Dec 2013 02:35:59 +0000 (GMT)
Received: from [] (unknown []) by (Postfix) with ESMTPSA id B2388BE51; Tue, 24 Dec 2013 02:35:59 +0000 (GMT)
Message-ID: <>
Date: Tue, 24 Dec 2013 02:35:49 +0000
From: Stephen Farrell <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Tao Effect <>, Richard Barnes <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: "" <>
Subject: Re: [Cfrg] Requesting removal of CFRG co-chair
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 24 Dec 2013 02:36:07 -0000

Hash: SHA1

On 12/24/2013 02:15 AM, Tao Effect wrote:
> Here's one from Stephen Farrell, it can be summarized entirely
> like so: "Oh FFS. Please cut the crap."
> Here's one from John Bradley: "+1 Stephen's comment"
> Some substance, gentlemen, please?

So I'm willing to bet that you don't know that the entire IAB
met with Kevin to review the CFRG in Vancouver, as is commonly
done with one IRTF RG each IETF meeting. Its quite reasonable
that level of detail is not common knowledge but it is not
reasonable for what might be a substantive discussion about
how CFRG ought deal with snowdonia to be turned into a
kindergarten side-show based on apparently total ignorance as
to how the IRTF and IETF actually do business.

If you (and others who've very recently turned up on this list)
actually care about pervasive monitoring, you should desist
from this kind of nonsense and think more about how to mitigate
the problem.  Or at the very least, ask questions about how things
are, and don't start off by making stupid insinuations. The
entire discussion calling for Kevin to stand down or be removed
is IMO just a distraction from what ought be a real debate on
this list.

That real debate would consider how to more quickly spot that
the ECC DBRG reports were worth serious consideration, how to
deal with nothing-up-my-sleeve parameters, and how to deal with
a future where NIST are no longer the gold-standard for vendors
of important systems and we'll need to have some way to deal
with the likes of 25519. And perhaps whether the status-quo
dividing line between CFRG and the IETF is correctly drawn
at ciphers and modes of operation.

The guilt-by-association drama that we've been seeing is
entirely getting in the way of that much more important debate.


PS: Yes, my language above is immoderate. Frankly, I am quite
pissed off that this side-show is distracting from more real
progress on mitigating pervasive monitoring.

Version: GnuPG v1.4.14 (GNU/Linux)