[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sat, 7 Sep 2013, bad apple wrote:
This NSA business is the gift that just keeps on giving... there is no bottom to this rabbit hole apparently. http://www.mail-archive.com/cryptography@xxxxxxxxxxxx/msg12325.html From John Gilmore no less. Ouch.
The cryptography mailing list has been a great resource for understandin the technical details and implications of recent revelations regarding the NSA.
In this particular case, I would like to hear the comments of other participants in those discussions.
I've followed a few IETF working groups (mostly as a lurker, and none were about actual crypto standards) and they tend to get pretty political. I've learned to take comments from participants, no matter how well respected they are, with a pinch of salt, unless backed up by others.
More generally, there has been a tendency to believe anything people who are "against the NSA" say, and to disbelieve everything the NSA says. Much as I understand that sentiment, I'm not sure if it's helpful.
The recent events should be a good lesson to scrutinize standards and implementations. But just because the NSA co-wrote or endorsed something, it doesn't mean it's weak. And likewise, just because the NSA says something is weak, it doesn't mean that it's something they can't break.
Martijn. -- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq