On 7/31/23 09:00, John C Klensin wrote:
Not quite certain what you are disagreeing with. Should I have been more explicit that, when I said "getting encryption right", I was not just referring to the underlying science and/or engineering but to understanding and working with the tradeoffs in the real world, including the observations that protection of children and deterring or catching various criminal types are real issues, independent of how they are weaponized to promote other agendas.
Sorry, I completely reject that kind of framing, because that kind of argument is always used to compromise people's freedom.
What I understand is that there are other vulnerabilities than the encryption algorithm, key agreement, etc. that are imperfect and cannot be fixed. And communications can and are attacked via those vectors. So the system as a whole is inevitably a compromise, and some of those weaknesses are VERY hard to address against well-funded adversaries (which the adversaries of freedom are). For example, if you're concerned about the exposure of IP addresses in packet headers, you can go to great lengths to try to address such vulnerabilities, and the gains you get for your trouble (increased expense, reduced efficiency, etc) are likely to be marginal in the face of a state-supported adversary. Those vulnerabilities are essentially inevitable, and while there are some compromises around trying to address them, you can't eliminate all the vulnerabilities. You have to make some unpleasant compromises.
What I don't accept is that ANY kind of deliberate weakening of communication systems is acceptable. Because we know that that argument only favors the enemies of freedom.
Keith
