[bestbits] Do we really want to shoot in Dilma's foot?

Pranesh Prakash pranesh at cis-india.org
Tue Oct 15 01:50:42 EDT 2013


JFC Morfin [2013-10-14 20:49]:
> At 21:32 14/10/2013, Pranesh Prakash wrote:
>> Do you have a link for this?
> 
> The internet architecture has not been designed (it was a prototype) and
> reviewed for security (this belongs first to IRTF and IAB).

This is true. But that doesn't answer my question about NSA weakening
IETF or other similar bodies.  NSA has been shown to have meddled with
NIST processes (by introducing a PRNG called Dual EC DRBG in the NIST SP
800-90A standard), but as far as I know no IETF/IRTF/IESG/IAB, etc. body
ever considered those.  NIST and NSA are statutorily wedded to each
other: NIST is *required* under US law to work with the NSA in crypto
standards formulation.

Also there have been many attempts at fixing Internet security,
including IPsec, DNSsec, TLS, etc.  There have literally been dozens of
RFCs addressing security, including end-to-end security.  There have
also been efforts like RADIUS, SSH, SASL, and numerous others. See, for
example:

http://www.rfc-base.org/txt/rfc-1825.txt
http://www.rfc-base.org/txt/rfc-2316.txt

Many of these RFCs came out in the 1990s.

> The way NSA etc. have negatively influenced security is in not showing
> the path to better security. This was both by ignorance and by purpose.
> This is what we need to technically correct with a clear methodology.
> Today, RFC 6852 puts IETF outside of the security holy loop. 

I'm not at all clear to me what RFC 6852 has to do with security
standards.  Even if your complaint is the non-overlapping of RFC 6582
with RFC 3935, I don't see how that "puts IETF outside of the security
holy loop", nor for that matter do I understand what "the security holy
loop" is.

-- 
Pranesh Prakash
Policy Director
Centre for Internet and Society
T: +91 80 40926283 | W: http://cis-india.org
PGP ID: 0x1D5C5F07 | Twitter: @pranesh_prakash
--------------------
Postgraduate Associate & Access to Knowledge Fellow
Information Society Project, Yale Law School
T: +1 520 314 7147 | W: http://yaleisp.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.igcaucus.org/pipermail/bestbits/attachments/20131015/8bbd7ff0/attachment.sig>


More information about the Bestbits mailing list