> From: Dean Willis <dean.willis@xxxxxxxxxxxxx> > The [IETF] .. needs dedicate its next meeting to this task. This is > an emergency, and demands an emergency response. The thing is that I'm not sure how much of this is the NSA 'breaking' protocols/algorithms, and how much is finding ways past/around that security. E.g. some of it (from accounts in the news) is definitely back doors, inserted into hardware or software, and clearly we can't fix those. Most importantly, in one news story I read, Snowden was quoted as saying "Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it". If this is accurate, we can fix protocols till the cows come home, and people who wish to gain access to the data will just break into the hosts, and grab the data before/after it crosses the network. So it's not at all clear than the IETF can really fix (much of) the problem. Noel