Re: [Cfrg] Response to the request to remove CFRG co-chair

[Adam Back <adam@cypherspace.org>]

I want to add my full public support to what Trevor said below.  I expressed
my concerns publicly and also offlist to Lars following his request for
comments.

I will not repeat the arguments as Trevor did a very eloquent job of
summarizing.

For the record (some people were rudely claiming anyone disagreeing with
them must be a "newbie" who just signed up to complain about a "fashionable
issue"), I am not a newcomer to IETF participated back to probably around
1996, have been on this IRTF list for some years, wrote a few IDs, invented
crypto concepts in day to day use in Tor, Bitcoin and other places, wrote
crypto code that is in use by many people and companies.  I have a comp sci
PhD.  I have been working in the cyrpto/security industry for > 20 years.

It pains me that I have to say any of that, but discussion on here became a
bit non-linear recently and I am not sure what is going on exactly.  Maybe
several parties with different slants and motives countervailing the public
interest.  Or just rude "pragmatists" (an exceedingly dangerous species of
engineer in crypto or privacy areas in my experience).

Adam

On Mon, Jan 06, 2014 at 05:48:51PM -0800, Trevor Perrin wrote:
>Hi Lars,
>
>Thanks for considering this request.
>
>Of course, I'm disappointed with the response.
>
>--
>
>I brought to your attention Kevin's record of technical mistakes and
>mismanagement over a two year period, on the major issue he has
>handled as CFRG co-chair.  You counted this as a single "occurrence",
>and considered only the narrow question whether it is "of a severity
>that would warrant an immediate dismissal".
>
>I appreciate your desire to be fair to Kevin and give him the benefit
>of the doubt.  But it would be better to consider what's best for
>CFRG.  CFRG needs a competent and diligent chair who could lead review
>of something like Dragonfly to a successful outcome, instead of the
>debacle it has become.
>
>--
>
>I also raised a conflict-of-interest concern regarding Kevin's NSA
>employment.  You considered this from the perspectives of:
> (A) Kevin's ability to subvert the group's work, and
> (B) the impact on RG participation.
>
>Regarding (A), you assessed that IRTF chairs "are little more than
>group secretaries" who "do not wield more power over the content of
>the ongoing work than other research group participants".
>
>That's a noble ideal, but in practice it's untrue.  Chairs are
>responsible for creating agendas, running meetings, deciding when and
>how to call for consensus, interpreting the consensus, and liaising
>with other parties.  All this gives them a great deal of power in
>steering a group's work.
>
>You also assessed that the IETF/IRTF's "open processes" are an
>adequate safeguard against NSA subversion, even by a group chair.  I'm
>not sure of that.  I worry about soft forms of sabotage like making
>Internet crypto hard to implement securely, and hard to deploy widely;
>or tipping groups towards dysfunction and ineffectiveness.  Since
>these are common failure modes for IETF/IRTF crypto activities, I'm
>not convinced IETF/IRTF process would adequately detect this.
>
>
>Regarding (B), you judged this a "tradeoff" between those who would
>not participate in an NSA-chaired CFRG (like myself), and those
>"affiliated with NSA" whom you presume we would "eliminate" from
>participating.
>
>Of course, that's a bogeyman.  No-one wants to prevent anyone else
>from participating.
>
>But the chair role is not a right given to every participant, it's a
>responsibility given to those we trust.  The IETF/IRTF should not
>support a chair for any activity X that has a strong interest in
>sabotaging X.  This isn't a "slippery slope", it's common sense.
>
>--
>
>Finally, I think Kevin's NSA affiliation, and the recent revelations
>of NSA sabotage of a crypto standard, raises issues you did not
>consider.
>
>You did not consider the cloud of distrust which will hang over an
>NSA-chaired CFRG, and over the ideas it endorses.
>
>You also did not consider that as the premier Internet standards
>organization, the IETF/IRTF's actions here will make an unavoidable
>statement regarding the acceptability of such sabotage.
>
>We have the opportunity to send a message that sabotaging crypto
>standards is unacceptable and destroys public trust in those
>organizations in a way that has real consequences.  Or we send a
>message that it's no big deal.
>
>This is a political consideration rather than a technical one, but it
>needs to be considered.  We're sending a message either way.
>
>--
>
>I understand there's no formal appeal process, but these issues are of
>great importance to the IRTF and IETF, and would benefit from the
>perspective IAB possesses.
>
>I would appreciate if the IAB would consider reviewing this issue and
>expressing its judgement.
>
>
>Trevor
>
>
>(a couple comments below)
>
>
>On Sat, Jan 4, 2014 at 11:49 PM, Eggert, Lars <lars@netapp.com> wrote:
>> Hi,
>>
>> on Dec 20, 2013, I received a request from Trevor Perrin in my role as IRTF Chair to consider the removal of Kevin Igoe as one of the co-chairs of the IRTF's Crypto Forum Research Group (CFRG). The request stated several reasons for the removal:
>>
>> (1) That Kevin Igoe provided the only positive feedback on the "Dragonfly" key exchange protocol.
>>
>> (2) That Kevin Igoe made technical suggestions that would have weakened the cryptographic properties of "Dragonfly".
>>
>> (3) That Kevin Igoe misrepresented the CFRG opinion on "Dragonfly" to the IETF's TLS working group.
>>
>> (4) That Kevin Igoe is employed by the NSA.
>>
>> I have reviewed the mailing list discussion, as well as the emails that were sent privately. Thank you all for being candid in your feedback.
>>
>> David McGrew, the CFRG's other co-chair, has already posted a detailed timeline of events on points 1-3 to the list and concluded that the research group process has been followed imperfectly. I share this conclusion.
>
>Dragonfly discussions started in December 2011.  David's timeline
>begins in October 2012, skipping:
> * The early critical feedback which Kevin ignored [1]
> * Kevin's "nitpicking detail" which breaks the protocol's security [2]
> * Kevin's cheerleading for a protocol whose use cases and
>alternatives he made no effort to understand [3]
>
>[1]
>http://www.ietf.org/mail-archive/web/cfrg/current/msg03046.html
>http://www.ietf.org/mail-archive/web/cfrg/current/msg03052.html
>http://www.ietf.org/proceedings/83/minutes/minutes-83-cfrg.txt
>
>[2]
>http://www.ietf.org/mail-archive/web/cfrg/current/msg03047.html
>
>[3]
>http://www.ietf.org/mail-archive/web/cfrg/current/msg03047.html
>http://www.ietf.org/proceedings/84/minutes/minutes-84-tls
>
>
>[...]
>> So unlike the title "co-chair" might imply, and unlike in many other organizations, IRTF co-chairs are little more than group secretaries.
>
>The chair is far more than a "group secretary".  As RFC 2014 section 5.3 states:
>"""
>The Research Group Chair is concerned with making forward progress in
>the areas under investigation, and has wide discretion in the conduct
>of Research Group business.  [...] The Chair has ultimate responsibility
>for ensuring that a Research Group achieves forward progress.
>"""
>_______________________________________________
>Cfrg mailing list
>Cfrg@irtf.org
>http://www.irtf.org/mailman/listinfo/cfrg