Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-07 Thread Gregory Perry
As an opponent of DNSSEC opt-in back in the day, I think this is a poor example of NSA influence in the standards process. I do not challenge PHB's theory that the NSA has plants in the IETF to discourage moves to strong crypto, particularly given John Gilmore's recent message on IPSEC, but I

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-07 Thread Gregory Perry
If so, then the domain owner can deliver a public key with authenticity using the DNS. This strikes a deathblow to the CA industry. This threat is enough for CAs to spend a significant amount of money slowing down its development [0]. How much more obvious does it get [1] ? The PKI industry

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Gregory Perry
On 09/07/2013 02:53 PM, Ray Dillinger wrote: Is he referring to the standard set of ECC curves in use? Is it possible to select ECC curves specifically so that there's a backdoor in cryptography based on those curves? I know that hardly anybody using ECC bothers to find their own curve; they

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-07 Thread Gregory Perry
On 09/07/2013 04:20 PM, Phillip Hallam-Baker wrote: Before you make silly accusations go read the VeriSign Certificate Practices Statement and then work out how many people it takes to gain access to one of the roots. The Key Ceremonies are all videotaped from start to finish and the auditors

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-07 Thread Gregory Perry
On 09/07/2013 05:03 PM, Phillip Hallam-Baker wrote: Good theory only the CA industry tried very hard to deploy and was prevented from doing so because Randy Bush abused his position as DNSEXT chair to prevent modification of the spec to meet the deployment requirements in .com. DNSSEC would

Re: [Cryptography] Bruce Schneier has gotten seriously spooked

2013-09-07 Thread Gregory Perry
On 09/07/2013 07:32 PM, Brian Gladman wrote: I don't have experience of how the FBI operates so my comments were directed specifcally at NSA/GCHQ interests. I am doubtful that very large organisations change their direction of travel very quickly so I see the huge investments being made in