Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

2013-09-06 05:51:58

Summarising a *lot* :-)

On 09/06/2013 11:30 AM, Stewart Bryant wrote:

> There is a whole bunch of stuff we can do

I fully agree. Some more detail on one of those...

We set up the perpass list [1] as a venue for triaging
specific proposals in this space. A few weeks in, we
have one I-D [2] (very much a -00) that tries to describe
a threat model that matches the recent revelations,
and that could be a good reference when folks are
developing protocols.

We have found volunteers to write a draft for a BCP
on how to use perfect forward secrecy in TLS, more
common use of which (we still think) would mitigate a
bunch of the ways in which TLS traffic could be
subverted, given various forms of collusion/coercion.
I hope the -00 for that will pop out in a weekish.

We've had some discussion about how to do better with
email, but that's not yet landed on specifics that
could be taken further. And a couple of other topics
have come up. More are welcome.

For any such topic that looks like it'll turn into
something actionable (in the IETF context), I'm very
happy to push to get it adopted by a relevant WG or
to get it AD sponsored.

If you care about this stuff, then get on that list
and make concrete proposals and write I-Ds about ways
the IETF can improve the situation. If the content
is good, you'll find you're pushing on an open door
(at least as far as the SEC ADs are concerned:-).

And as we all know the IETF cannot "solve the problem"
here, but as Stewart rightly said: there is stuff we
can do better. So let's do it.

I do think some kind of session in Vancouver would be
useful to move this along some more and there's
discussion ongoing within the IESG and IAB on how to
best do that. If we (IESG/IAB) fail in that, please do
beat us up mightily at the mic in Vancouver.

Cheers,
S.

[1] https://www.ietf.org/mailman/listinfo/perpass
[2] http://tools.ietf.org/html/draft-trammell-perpass-ppa