Re: Transparency in Specifications and PRISM-class attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



    > From: Martin Sustrik <sustrik@xxxxxxxxxx>

    > Isn't it the other way round? That exactly because IETF process is open
    > it's relatively easy for anyone to secretly introduce a backdoor into a
    > protocol?
    > ...
    > With IETF standard there can very well be several unknown backdoors
    > introduced by different parties, so it's never safe.

Iff enough people are _carefully_ reviewing specs, that ought to find all the
backdoors. An open process does have potential issues, but it's also the one
with the best chance of producing a 'good' product.

    > That being said, wouldn't it make more sense to admit that IETF is not
    > a good platform for devising, say, crypto protocols and act accordingly
    > (use 3rd party protocols ...)?

You mean, trust another entity, which might have been suborned? How are they
less likely to have produced something without backdoors than the IETF?

	Noel




[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]