Re: [Cfrg] CFRG and thwarting pervasive montoring

Paul Hoffman <> Mon, 30 December 2013 02:58 UTC

On Dec 29, 2013, at 2:11 PM, Watson Ladd <> wrote:

>>> Note that deprecating the use of crypto that is widely known to be
>>> broken is the purview of IETF WGs, not the CFRG. The relevant WGs
>>> (particularly TLS) seem to already be doing that.
> I don't agree with this assessment:

Then you maybe misunderstand the roles of RGs, WGs, and BoFs. RGs such as the CFRG do not get to write standards track documents (including BCPs), and yet these are the exact documents we want deprecating broken crypto.

> the BCP Yaron Sheffer wrote on deprecating RC4 got kicked
> to the newly formed UTA WG, which has done nothing with it.

As noted before, the UTA WG was just formed. RC4 has been broken for a long time.

> The biggest changes here have been AGL pushing stuff into Chrome, but he
> can't do the server side nearly as easily. It's been a controversial topic
> in the TLS WG, even with Marsh Ray and AGL pushing for it.

Many individuals in the IETF actively participate in more than just one WG. Even more passively watch. If the UTA WG fails to move on deprecating broken crypto, it will be seen by many interested individuals and that problem can be fixed later.

--Paul Hoffman