Replying to two of your mails at once... On 12/06/2013 06:49 PM, t.p. wrote: > ----- Original Message ----- > From: "Stefan Winter" <stefan.winter@xxxxxxxxxx> > To: <ietf@xxxxxxxx> > Sent: Friday, December 06, 2013 10:15 AM > > If encryption makes terrorism, crime and so on more likely, then we > could see countries impose restrictions on encryption in the same way as > for guns, and a few years down the line, the role of the IETF in > encouraging the use of strong encryption could be seen as a serious > misjudgment, one that is damaging to the standing of the IETF. Wow. The IETF already has a consensus on the use of strong crytopgraphy. And has had for 17 years. Please read RFC 1984. If you have read it, I have no clue how you could accept it and make the above (spurious, but that's beside the point) argument. If you have read it, but don't accept it, then go right ahead and write a draft suggesting a replacement that fits your worldview better. If you have not read it, please do. On 12/06/2013 06:57 PM, t.p. wrote: > ----- Original Message ----- > From: "Stephen Farrell" <stephen.farrell@xxxxxxxxx> > To: "Stefan Winter" <stefan.winter@xxxxxxxxxx>; <ietf@xxxxxxxx> > Sent: Friday, December 06, 2013 11:58 AM >> >> On 12/06/2013 10:15 AM, Stefan Winter wrote: >>> The TV manufacturer could have used it - they were simply stupid >>> enough to forget about it. >> >> I think in that case, the person who spotted the issue would >> also have considered it odd if ciphertext continued to be >> emitted after they had clicked the "don't send" button. > > The person who spotted the issue did click "don't send" and the messages > continued to be sent (according to the reports). Which is, after all, > exactly what you would expect to see with good security - don't give the > other parties an opportunity to use traffic analysis to determine what > is going on. My point was in response to your saying that that case demonstrated that ciphertext would prevented the person from knowing their TV was sending out messages when they didn't want that. The fact is in that case that any message ciphertext or plain would demonstrate that the TV is misbehaving. So your argument falls. Cheers, S.