[Cryptography] Opening Discussion: Speculation on "BULLRUN"

Eugen Leitl eugen at leitl.org
Sun Sep 8 02:25:43 PDT 2013 

----- Forwarded message from Gregory Perry <Gregory.Perry at govirtual.tv> -----

Date: Sat, 7 Sep 2013 21:14:47 +0000
From: Gregory Perry <Gregory.Perry at govirtual.tv>
To: Phillip Hallam-Baker <hallam at gmail.com>
Cc: "cryptography at metzdowd.com" <cryptography at metzdowd.com>, ianG <iang at iang.org>
Subject: Re: [Cryptography] Opening Discussion: Speculation on "BULLRUN"

On 09/07/2013 05:03 PM, Phillip Hallam-Baker wrote:

Good theory only the CA industry tried very hard to deploy and was prevented from doing so because Randy Bush abused his position as DNSEXT chair to prevent modification of the spec to meet the deployment requirements in .com.

DNSSEC would have deployed in 2003 with the DNS ATLAS upgrade had the IETF followed the clear consensus of the DNSEXT working group and approved the OPT-IN proposal. The code was written and ready to deploy.

I told the IESG and the IAB that the VeriSign position was no bluff and that if OPT-IN did not get approved there would be no deployment in .com. A business is not going to spend $100million on deployment of a feature that has no proven market demand when the same job can be done for $5 million with only minor changes.

And this is exactly why there is no real security on the Internet.  Because the IETF and standards committees and working groups are all in reality political fiefdoms and technological monopolies aimed at lining the pockets of a select few companies deemed "worthy" of authenticating user documentation for purposes of establishing online credibility.

There is no reason for any of this, and I would once again cite to Bitcoin as an example of how an entire secure online currency standard can be created and maintained in a decentralized fashion without the need for complex hierarchies of quasi-political commercial interests.

Encrypting SMTP is trivial, it's all about the standard to make it happen.  Encrypting IPv6 was initially a mandatory part of the spec, but then it somehow became discretionary.  The nuts and bolts of strong crypto have been around for decades, but the IETF and related standards "powers to be" are more interested in creating a global police state than guaranteeing some semblance of confidential and privacy for Internet users.

_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5

More information about the cypherpunks mailing list