ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Nuanced points and RFC 1984

2015-08-17 09:57:28
from [Eliot Lear] [Permanent Link] 
Harald,

On 8/17/15 2:09 PM, Harald Alvestrand wrote:

On 08/17/2015 09:06 AM, Eliot Lear wrote:

Escrow is only useful against law-abiding people who
trust the government(s) in the first place.


It's that assertion that has been repeatedly proven false with all
manner of other technology.

{{citation needed}} - in other debates, I've heard "proof" claimed for
all sorts of things; sometimes it's things I believe; sometimes it turns
out that the "proof" is itself hugely controversial.



I did provide a citation to this list on August 12th that contradicted
what Brian wrote above:

http://www.nytimes.com/2015/08/09/business/international/effects-of-petrobras-scandal-leave-brazilians-lamenting-a-lost-dream.html

Here's a case where the people in question *could* have gone to some
lengths to protect their communications but did not.  That is
practically speaking the entire history of wiretapping.[*]  That doesn't
mean we break our protocol suite to wire tap, but it also doesn't mean
that we overstate the negatives when talking to others.  1984 makes
clear that use of escrow and other approaches has serious side effects
that can negatively impact security.  That statement is good enough.[**]

Eliot

[*] I'm reminded of another example of this sort of thing.  Many years
ago, in the middle of winter, my parents' house was broken into.  They
called the police and the police quickly arrested a person who lived
nearby, having tracked him by his footprints in a snowy field that links
many of the houses.  Had he simply walked on the clear sidewalk, he
probably wouldn't have been caught.  Not all criminals are super
geniuses.[1]

[**] Elsewhere it has been asserted that the ability to create a
functioning escrow approach that scales.  I think that's very likely
true, but if it turns out not to be, we should revisit 1984 at that
time, as to whether or not it remains appropriate as a BCP.

[1] https://www.flickr.com/photos/ladystephanie/10227056515

Attachment: signature.asc
Description: OpenPGP digital signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IETF 94 - Registration and Hotel Information - no availablity, Hiroshi Esaki
Next by Date:  Re: Nuanced points and RFC 1984, Eliot Lear
Previous by Thread:  Re: Last Call: Recognising RFC1984 as a BCP, Eric Burger
Next by Thread:  Re: Nuanced points and RFC 1984, Eliot Lear
Indexes:  [Date] [Thread] [Top] [All Lists]