On Sep 20, 2013, at 10:02 AM, Martin Sustrik <sustrik@xxxxxxxxxx> wrote: > Isn't it the other way round? That exactly because IETF process is open it's relatively easy for anyone to secretly introduce a backdoor into a protocol? No, this is exactly wrong. What is important about openness is not who is allowed to make changes, but who is allowed to see changes being made. So sure, the NSA could send someone in to try to sabotage a protocol. But people who want the protocol to be secure are also welcome. This means that they have a chance to prevent the sabotage, if they can detect it as it is happening, and it also means that we can audit the process later to see if it was sabotaged, and if so, by whom. By comparison, in a closed process, the NSA is still welcome. Non-NSA people might well _not_ be welcome. There is no ability to validate the process as it is happening, so sabotage can easily be concealed. And if sabotage is successful, it is easy both to conceal the fact of the sabotage, and also who is responsible for the sabotage. When you think about the protection afforded by closed processes, you must always ask, quis custodiet ipsos custodes: who guards those who guard? If the people acting as gatekeeper are corrupt, or are successfully fooled, then all is lost. With an open process, everybody is potentially a gatekeeper, so it's much harder to corrupt the process. In order to have backdoors, the thing in which the backdoor exists must be secret, either because nobody bothered to look, or because nobody _can_ look. It is true that if nobody bothers to look, you can have a backdoor in any protocol, but we can't do anything about that. We _can_ make sure that we are at least permitted to look for the backdoor. And the IETF process very deliberately allows for that.