ietf
[Top] [All Lists]

Re: Last Call: Recognising RFC1984 as a BCP

2015-08-12 16:49:29
On 08/12/2015 11:02 PM, Roy T. Fielding wrote:
The reason I read it that way is because, in fact, none of the protocols
we developed at that time actually required strong cryptography.  They
just assumed you would layer the right amount of cryptography underneath,
using one of the (at that time) non-IETF security protocols with appropriate
patent and export licensing.
I was in the room at the Danvers plenary, and that was not the
impression I got.
In particular, at that time many people believed very strongly that
IPSEC, an IETF protocol, would be THE most useful tool for achieving
security, once it was finished.

Other RFCs at the time included RFC 1968, the PPP Encryption Control
Protocol, RFC 1969, the PPP DES Encryption Protocol, and RFC 1964, the
Kerberos Version 5 GSS-API mechanism.

A cynic would say that they were just making different wrong assumption
from the one Roy observed, but people seemed to strongly believe that
the IETF was developing protocols that required strong cryptography.

-- 
Surveillance is pervasive. Go Dark.