[146776] in cryptography@c2.net mail archive
Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"
daemon@ATHENA.MIT.EDU (Gregory Perry)
Sat Sep 7 18:05:44 2013
X-Original-To: cryptography@metzdowd.com
From: Gregory Perry <Gregory.Perry@govirtual.tv>
To: Phillip Hallam-Baker <hallam@gmail.com>
Date: Sat, 7 Sep 2013 21:14:47 +0000
Cc: "cryptography@metzdowd.com" <cryptography@metzdowd.com>,
ianG <iang@iang.org>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============8446159782333255315==
Content-Language: en-US
Content-Type: multipart/alternative;
boundary="_000_718DFA7882181D45B8BD18F31C46D55427B221DBMBX204domainloc_"
--_000_718DFA7882181D45B8BD18F31C46D55427B221DBMBX204domainloc_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
On 09/07/2013 05:03 PM, Phillip Hallam-Baker wrote:
Good theory only the CA industry tried very hard to deploy and was prevente=
d from doing so because Randy Bush abused his position as DNSEXT chair to p=
revent modification of the spec to meet the deployment requirements in .com=
.
DNSSEC would have deployed in 2003 with the DNS ATLAS upgrade had the IETF =
followed the clear consensus of the DNSEXT working group and approved the O=
PT-IN proposal. The code was written and ready to deploy.
I told the IESG and the IAB that the VeriSign position was no bluff and tha=
t if OPT-IN did not get approved there would be no deployment in .com. A bu=
siness is not going to spend $100million on deployment of a feature that ha=
s no proven market demand when the same job can be done for $5 million with=
only minor changes.
And this is exactly why there is no real security on the Internet. Because=
the IETF and standards committees and working groups are all in reality po=
litical fiefdoms and technological monopolies aimed at lining the pockets o=
f a select few companies deemed "worthy" of authenticating user documentati=
on for purposes of establishing online credibility.
There is no reason for any of this, and I would once again cite to Bitcoin =
as an example of how an entire secure online currency standard can be creat=
ed and maintained in a decentralized fashion without the need for complex h=
ierarchies of quasi-political commercial interests.
Encrypting SMTP is trivial, it's all about the standard to make it happen. =
Encrypting IPv6 was initially a mandatory part of the spec, but then it so=
mehow became discretionary. The nuts and bolts of strong crypto have been =
around for decades, but the IETF and related standards "powers to be" are m=
ore interested in creating a global police state than guaranteeing some sem=
blance of confidential and privacy for Internet users.
--_000_718DFA7882181D45B8BD18F31C46D55427B221DBMBX204domainloc_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"=
>
</head>
<body text=3D"#000000" bgcolor=3D"#FFFFFF">
<div class=3D"moz-cite-prefix">On 09/07/2013 05:03 PM, Phillip Hallam-Baker=
wrote:<br>
</div>
<blockquote cite=3D"mid:CAMm+Lwh0KaBa2mh8R6Y90MoVpFOWonDLc5JKmajzYKn5CU=
iOzA@mail.gmail.com" type=3D"cite">
<div dir=3D"ltr">
<div class=3D"gmail_extra">
<div class=3D"gmail_quote"><br>
<div>Good theory only the CA industry tried very hard to deploy and was pre=
vented from doing so because Randy Bush abused his position as DNSEXT chair=
to prevent modification of the spec to meet the deployment requirements in=
.com.</div>
<div><br>
</div>
<div>DNSSEC would have deployed in 2003 with the DNS ATLAS upgrade had the =
IETF followed the clear consensus of the DNSEXT working group and approved =
the OPT-IN proposal. The code was written and ready to deploy. </div>
<div><br>
</div>
<div>I told the IESG and the IAB that the VeriSign position was no bluff an=
d that if OPT-IN did not get approved there would be no deployment in .com.=
A business is not going to spend $100million on deployment of a feature th=
at has no proven market demand when
the same job can be done for $5 million with only minor changes.</div>
<div><br>
</div>
</div>
</div>
</div>
</blockquote>
And this is exactly why there is no real security on the Internet. Be=
cause the IETF and standards committees and working groups are all in reali=
ty political fiefdoms and technological monopolies aimed at lining the pock=
ets of a select few companies deemed
"worthy" of authenticating user documentation for purposes of es=
tablishing online credibility.<br>
<br>
There is no reason for any of this, and I would once again cite to Bitcoin =
as an example of how an entire secure online currency standard can be creat=
ed and maintained in a decentralized fashion without the need for complex h=
ierarchies of quasi-political commercial
interests.<br>
<br>
Encrypting SMTP is trivial, it's all about the standard to make it happen.&=
nbsp; Encrypting IPv6 was initially a mandatory part of the spec, but then =
it somehow became discretionary. The nuts and bolts of strong crypto =
have been around for decades, but the IETF
and related standards "powers to be" are more interested in crea=
ting a global police state than guaranteeing some semblance of confidential=
and privacy for Internet users.<br>
</body>
</html>
--_000_718DFA7882181D45B8BD18F31C46D55427B221DBMBX204domainloc_--
--===============8446159782333255315==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============8446159782333255315==--