On 9/28/16 3:08 PM, Bill Frantz wrote: > On 9/28/16 at 2:01 AM, m...@sap.com wrote: >> I'm sorry, but I'm still violently opposed to the IETF endorsing >> backdooring of security protocols. > I find myself in violent agreement with Martin, and many others in the > IETF.
This seems uncontroversial and frankly somewhat low-information. Yay, crypto backdoors are bad. That said, IETF participation is dominated by large equipment and software vendors and the problem space, at least until recently (there's been a crop of data center-related problems coming up in OPS and routing), has tended to cover service provider-related questions. We have poor participation and representation from enterprise networks. So now we've got someone showing up from the enterprise space and saying "I have this problem related to protocol changes." And yeah, he's very, very late in this process, although it's worth pointing out that it's in the best tradition of the IETF to deal with technical problems that crop up with documents at any point in their development. It seems to me that the discussions of alternatives to modifying the protocol to meet his needs has been extremely helpful, and it also seems to me that in some sense this ought to be an object lesson to large enterprises dealing with fairly sophisticated protocol problems that they really need to get involved and make their requirements known. If there's a need here for a new monitoring framework that doesn't involve compromising the security of IETF protocols, that strikes me as an interesting question. In the meantime I'd hate to see this level of hectoring continue - we need more participation from other kinds of network operators, not less. Melinda
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls