Re: [rtcweb] Alternative decision process in RTCWeb

On Wed, Dec 4, 2013 at 4:16 AM, Jari Arkko <jari.arkko@xxxxxxxxx> wrote:

> I find the defeatism quite depressing. If we know the reason the previous efforts have failed, all we need to do is to address them and try again.

> FWIW, I agree with this. We should not believe we can make all projects succeed. Or that without a deep understanding of a field we can succeed. Or that we can succeed without understanding and getting the support of the world around us. But the Internet is evolving, the users have real needs and when we know what to do we should do it - you can succeed even in difficult situations.

I agree except on the requirement for 'deep understanding'.

The only way that deep understanding can be reached in many of these cases is to try repeatedly and learn from the failures. Or to be willing to 'make a fool of yourself' by making a statement that might turn out to be false or incomplete.

People who are worried about making a fool of themselves don't write crypto protocols. It takes an enormous quantity of ignorance or ego or both to propose a network crypto protocol. The chances are that someone will take your beautiful creation and smash it up in front of your eyes and then dance on all the little pieces.


In particular, I don't think the lectures of the form, 'who are we to attempt this' are helpful in the slightest. But we always get one from at least one of two individuals whenever we attempt something new. I don't think we should abandon hope on S/MIME quite yet but I am quite ready to dump SMTP just to be rid of the 'you are not worthy' lectures.

Nobody understands this stuff completely. There is no cavalry ready to ride in with the answers. The academic field of security usability is not yet an engineering field; it is barely managing to do science.


There are three inescapable lessons of Snowdonia:

1) The insider threat can bring down any organization.

2) Security controls that are too difficult to be used will not be used even in the most security-sensitive organizations.

3) We need usable data level security protections now.


I would certainly encourage people to read the security usability literature just as I encourage people to read on semiotics, hermeneutics and many other sources that are outside the narrow field of network engineering. But don't expect those sources to provide the answers because they won't. All that you can expect from deeper understanding is to perhaps ask better questions.
--
Website: http://hallambaker.com/
