[Ach] rfc7525
ianG
iang at iang.org
Sun May 31 15:03:44 CEST 2015
On 31/05/2015 12:00 pm, Aaron Zauner wrote:
> Hi Ian,
>
> * Ian G <iang at iang.org> [30/05/2015 14:59:57] wrote:
>> Has anyone considered/used/reviewed the document known as RFC7525?
>>
>> https://tools.ietf.org/html/rfc7525
>
> I have. What do you want to know? :)
Of course you have ;-) What I wanted to know ... well, just gossip really.
How does their project compare to the BetterCrypto project? Can we shut
up shop now that the IETF is in the game? Is there a very different
purpose? Or are they just faffing around in committee again...
Does the RFC format help? I would have thought the notion of publishing
an RFC was strictly wrong because security is an arms race and only a
dynamic document process can help.
How did their work compare to BetterCrypto's advice? Was there anything
in there that we didn't know? Is there anything they didn't know?
Is their advice useful to ... whom? sysadms? Implementors? Designers?
I gave it a quick skim and it seemed to be rather ... useless to
sysadms for example.
Really, gossip! As you might know there is this rolling foodfight over
protocol design going on over at IETF as people are pointing out that
the process they use might be part of the problem not the solution.
iang
More information about the Ach
mailing list