[Standards-JIG] The Great Encryption Debate

Tue Aug 2 13:10:50 CDT 2005

Over time it has become painfully clear that RFC 3923 [1] is not going 
to be widely implemented or deployed. Likewise, JEP-0027 [2] was a good 
beginning but it is limited to OpenPGP keys, which many people (let 
alone Aunt Tillie) do not have. Despite the fact that this situation is 
intolerable, for the last 2+ years I have actively discouraged 
discussion of end-to-end encryption outside the Internet Standards 
Process (e.g., I persuaded the Council not to publish the "Secure 
Stanzas" proposal [3] submitted by Justin Karneges). I take full 
responsibility for that (the reasons for this were more political than 
technical). However, we can't live without end-to-end encryption 
forever, and I think we need to develop some running code around a 
protocol on which we can get rough consensus. If we can achieve that, 
perhaps we can agree on a technology that we could eventually propose to 
the IETF as a replacement for RFC 3923. However, the primary goal here 
is to develop a technology (based on best security practices and 
technologies) that we as a community can get behind. I realize that 
security is a contentious area on which agreement can be hard to find, 
but that's why they pay us the big bucks. :-)

So I propose that we initiate "The Great Encryption Debate". Any and all 
proposals are on the table. Let's publish Justin's "Secure Stanzas" 
proposal. Let's publish a proposal based on W3C XML Encryption and XML 
Signature [4] if someone wants to write such a proposal. Let's debate 
the merits of RFC 3923 and JEP-0027. Let's talk about the Off-the-Record 
Communications (OTR) plugin for Gaim. [5] Let's discuss JEP-0116. [6] 
But let's not just talk, let's also implement. (I apologize in advance 
for the fact that I'm not a good coder, but I'll try to help if I can.)

In parallel to this change of thinking on my part (in fact I have simply 
been waiting for the right time), Ian Paterson and I have been reworking 
JEP-0116 (ESessions), which the JEP Editor will release momentarily. We 
do not claim that JEP-0116 is the final answer (especially in its 
current state, since it needs to be reviewed and improved in a number of 
areas). Rather, we publish it with the intent of sparking discussion and 
eventually finding an approach that can gain consensus. While I rather 
like the ESessions approach since it is based on both SSH and OTR in 
several important ways, it may not be the proposal that achieves 
consensus. If not, so be it. If so, hopefully we'll all go forth and 
implement. But there's only one way to find out....

Let the debate begin!

Peter

[1] http://www.ietf.org/rfc/rfc3923.txt
[2] http://www.jabber.org/jeps/jep-0027.html
[3] http://www.jabber.org/jeps/inbox/secure-01.html
[4] http://xml.coverpages.org/xmlAndEncryption.html
[5] http://www.cypherpunks.ca/otr/
[6] http://www.jabber.org/jeps/jep-0116.html