++1, Rich. Furthermore, it's fairly clueless. Anyone seeking a secure universe isn't going to find it in this one. Any given instantiation of anything has n to the nth vulnerabilities waiting to be discovered and exploited by someone. Governments are among the lesser of the threat actors.
Most of the real world has moved to risk management conceptualizations - as is pretty obvious on this list. Along those lines, is the new NIST SP800-53 Rev. 4 useful, and shouldn't the discussion be shifted in that direction? --tony On 10/10/2013 10:36 AM, Richard Shockey wrote:
Personally I find IETF discussions of Government behavior distasteful. Frankly we have met the enemy and it is us. The IETF ended up designing security protocols that are very very difficult to deploy at scale. E-Mail encryption is the obvious problem. Oh gee I'm really going to turn that on if it ends up defeating the anti-spam measures. Good luck with that.
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
