Ted,
On 07/09/2013 03:32, Ted Lemon wrote:
> On Sep 6, 2013, at 2:46 AM, SM <s...@resistor.net> wrote:
>> At 20:08 05-09-2013, Ted Lemon wrote:
>>> I think we all knew NSA was collecting the data. Why didn't we do
>>> something about it sooner? Wasn't it an emergency when the PATRIOT act
>>> was passed? We certainly thought it was an emergency back in the days of
>>> Skipjack, but then they convinced us we'd won. Turns out they just went
>>> around us.
>> I would describe it as a scuffle instead of a battle. My guess is that the
>> IETF did not do anything sooner as nobody knows what to do, or it may be
>> that the IETF has become conservative and it does not pay attention to the
>> minority report.
>
> It was definitely a battle. There were threats of imprisonment, massive
> propaganda dumps (think of the children!), etc. People broke the law, moved
> countries, etc. We just forget it because "we" "won" it, and it seems
> smaller in memory than it was when it was happening.
>
> The IETF didn't do anything because the tin foil hat contingent didn't have
> consensus, and we had no data to force the point. As you alluded to
> earlier, it's historically been very difficult to get people to treat
> security and privacy seriously, and frankly it still is.
>
> So this isn't an emergency. It's a teachable moment. We should pay
> attention.
Absolutely. I have noted at least 20 messages in the recent flood that
mention useful things the IETF can do, which is exactly what my provocative
message asked for. But (as Bruce's own recent posts show) the main weak spots
are not protocols and algorithms.
Brian
