Re: [Cfrg] RE: Where's the beef?

Alex Alten <> Sat, 31 August 2002 06:46 UTC

Received: from ( [] (may be forged)) by (8.9.1a/8.9.1a) with ESMTP id CAA26477 for <>; Sat, 31 Aug 2002 02:46:29 -0400 (EDT)
Received: (from mailnull@localhost) by (8.11.6/8.11.6) id g7V6lgj25370 for; Sat, 31 Aug 2002 02:47:42 -0400
Received: from ( []) by (8.11.6/8.11.6) with ESMTP id g7V6lfo25367 for <>; Sat, 31 Aug 2002 02:47:41 -0400
Received: from ( [] (may be forged)) by (8.9.1a/8.9.1a) with ESMTP id CAA26374; Sat, 31 Aug 2002 02:45:58 -0400 (EDT)
Received: from (localhost.localdomain []) by (8.11.6/8.11.6) with ESMTP id g7V6l3o25348; Sat, 31 Aug 2002 02:47:03 -0400
Received: from ( []) by (8.11.6/8.11.6) with ESMTP id g7V6klo25327 for <>; Sat, 31 Aug 2002 02:46:48 -0400
Received: from ( []) by (8.9.1a/8.9.1a) with ESMTP id CAA26191 for <>; Sat, 31 Aug 2002 02:45:04 -0400 (EDT)
Received: from alten ([]) by (InterMail vM. 201-229-121-127-20010626) with SMTP id <>; Sat, 31 Aug 2002 06:46:06 +0000
Message-Id: <>
X-Sender: alten@mail
X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.3 (32)
Date: Fri, 30 Aug 2002 23:44:01 -0700
To: "Steven M. Bellovin" <>
From: Alex Alten <>
Subject: Re: [Cfrg] RE: Where's the beef?
Cc: "David A. Mcgrew" <>,, "Ran Canetti" <>
In-Reply-To: <>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <>, <>
List-Id: Crypto Forum Research Group <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>

At 07:31 PM 8/30/2002 -0400, Steven M. Bellovin wrote:
>In message <>, Alex Alten writes:
>Alex, if I recall correctly you've made this proposal before -- and 
>were told that (a) the IETF doesn't work that way (b) the IETF doesn't 
>want to work that way, (c) we think that we do a good job nevertheless, 
>and (d) the openness of our process makes it easier to attract the 
>attention of many different experts -- which has, in fact, happened in 
>the past.  
>Putting on my Security AD hat, I can say quite unequivocally that I 
>have no budget for "expert reviews" of any sort.  Nor do I feel the 
>need for one.
>As for "private review" before first call -- no one thinks that 
>anyone's random, first thoughts should be published as an RFC, or even
>as an I-D.  Most I-Ds, even -00s, are the product of a fair amount of 
>thought and work before they're even submitted for the first time.  And 
>we have a lot of review after that, by bodies we call "working groups".

Well Steve, if I have I sure don't remember doing so.  This is my first
time stating this type of position.  Maybe you've mixed me up with someone

Anyway thanks for the plain speaking.  I was speaking from my own experience
developing custom cryptographic algorithms.  I am no cryptanalyst, and I have
come to deeply respect the analysis of people I do not ever see participating
in our efforts here.  My concern was that we would not get the best advice
if we could not pay for it.  You have stated otherwise.  So be it.

But we have been sidetracked by this issue--I should not have pursued it
with David M.

What I really want to understand is what is this RG's practical role?
(Jim H's somewhat pessimistic viewpoint seems to cut close to the bone.)

Of particular interest to me is can it design custom cryptography to meet
the particular needs of a WG?


- Alex


Alex Alten

Cfrg mailing list