> From: Steve Crocker <steve@xxxxxxxxxxxx>

> Are we conflating back doors in implementations with back doors in
> protocol specifications?

Good point, but I was thinking specifically of protocol specs, since that's what the IETF turns out.

> It's certainly a conceptual possibility for there to be a back door in a
> protocol specification, but I don't recall ever hearing about one.

Well, here's one I was just reading about this morning:

    Last week, the New York Times reported that Snowden's cache of documents
    from his time working for an NSA contractor showed that the [NSA] used
    its public participation in the process for setting voluntary
    cryptography standards, run by the government's National Institute of
    Standards and Technology, to push for a formula that it knew it could
    break. NIST, which accepted the NSA proposal in 2006 as one of four
    systems acceptable for government use

http://www.reuters.com/article/2013/09/20/us-usa-security-snowden-rsa-idUSBRE98J02Z20130920

(The irony here is that NSA, which is supposed to ensure the security of government communications, deliberately pushed a weakened system as "one of four systems acceptable for government use" - probably because they worked out that what they'd lose by its use in a few non-critical cases [no doubt they wouldn't OK its use in really crucial systems] was outweighed by what they might gain from outside use.)

	Noel