> ps; The argument doesn't apply generally either:
>
> a. We here are far better placed to choose the Internet's crypto suite for
> the general case than any manager, committee, or sysadm.

Agreed, but how are you proposing to force a change when a particular cipher suite starts to show its age? It seems that those decisions need to be made locally as software is upgraded, and certainly it is not realistic for a global change to be done atomically. No agility now => no ability to change, ever. I've been down this path too many times to have hope.

> b. If the Russians don't trust it, they are entirely at liberty to write
> their own crypto protocol and back-fit it into their software. It's not
> that hard, and if they care - which they do for natsec - they'll be
> backfitting software anyway.

I think I might agree about any one specific case, but at what point are the goals of the WG defeated by this attitude? Only the Russians? "Ok, I guess." The Russians and the Chinese? "Well, that's a lot of people..." The entire US government too? "Uh..." What about the banking system? "..." The high level goal here is to have a framework for global encryption of all TCP traffic. Fragmentation acts against this goal.

> d. Unlike the WB/IMF/UN, IETF isn't a subsidy organisation to deliver
> solutions to governments. It delivers to the masses, not any particular
> squeaky wheel.

Absolutely. But I think there are enough squeaky wheels on this issue that they are a substantial constituent of the wider internet community, and not simply ornery outliers.

Kyle

_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
