rfc9446v1.txt   rfc9446.txt 
skipping to change at line 22 skipping to change at line 22
Reflections on Ten Years Past the Snowden Revelations Reflections on Ten Years Past the Snowden Revelations
Abstract Abstract
This memo contains the thoughts and recountings of events that This memo contains the thoughts and recountings of events that
transpired during and after the release of information about the transpired during and after the release of information about the
United States National Security Agency (NSA) by Edward Snowden in United States National Security Agency (NSA) by Edward Snowden in
2013. There are four perspectives: that of someone who was involved 2013. There are four perspectives: that of someone who was involved
with sifting through the information to responsibly inform the with sifting through the information to responsibly inform the
public, that of a security area director of the IETF, that of a human public, that of a security area director of the IETF, that of a human
rights expert, and that of a computer science and law professor. The rights expert, and that of a computer science and affiliate law
purpose of this memo is to provide some historical perspective, while professor. The purpose of this memo is to provide some historical
at the same time offering a view as to what security and privacy perspective, while at the same time offering a view as to what
challenges the technical community should consider. security and privacy challenges the technical community should
consider. These essays do not represent a consensus view, but that
of the individual authors.
Status of This Memo Status of This Memo
This document is not an Internet Standards Track specification; it is This document is not an Internet Standards Track specification; it is
published for informational purposes. published for informational purposes.
This is a contribution to the RFC Series, independently of any other This is a contribution to the RFC Series, independently of any other
RFC stream. The RFC Editor has chosen to publish this document at RFC stream. The RFC Editor has chosen to publish this document at
its discretion and makes no statement about its value for its discretion and makes no statement about its value for
implementation or deployment. Documents approved for publication by implementation or deployment. Documents approved for publication by
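Review bot: The sentence added to the Abstract, "These essays do not represent a consensus view, but that of the individual authors", uses a singular "that" for what the same paragraph describes as four separate perspectives. Suggest "but rather the views of the individual authors" so the disclaimer matches the "four perspectives" wording a few lines earlier.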
skipping to change at line 85 skipping to change at line 87
1. Introduction 1. Introduction
On June 6th, 2013, an article appeared in _The Guardian_ [Guard2013] On June 6th, 2013, an article appeared in _The Guardian_ [Guard2013]
that was the beginning of a series of what have come to be known as that was the beginning of a series of what have come to be known as
the Snowden revelations, describing certain activities of the United the Snowden revelations, describing certain activities of the United
States National Security Agency (NSA). These activities included, States National Security Agency (NSA). These activities included,
amongst others: secret court orders; secret agreements for the amongst others: secret court orders; secret agreements for the
receipt of so-called "meta-information" that includes source, receipt of so-called "meta-information" that includes source,
destination, and timing of communications; and tapping of destination, and timing of communications; and tapping of
communications lines. The breathtaking scope of the operations communications lines. The breathtaking scope of the operations
shocked the Internet technical community that was reflected in a sea shocked the Internet technical community and resulted in a sea change
change within the IETF, IAB, and other standards organizations. within the IETF, IAB, and other standards organizations.
Now that some years have passed, it seems appropriate to reflect on Now that some years have passed, it seems appropriate to reflect on
that period of time and to consider what effect the community's that period of time and to consider what effect the community's
actions had, where security has improved, how the threat surface has actions had, where security has improved, how the threat surface has
evolved, what areas haven't improved, and where the community might evolved, what areas haven't improved, and where the community might
invest future efforts. invest future efforts.
Bruce Schneier begins this compendium of individual essays by Bruce Schneier begins this compendium of individual essays by
bringing us back to 2013, recalling how it was for him and others to bringing us back to 2013, recalling how it was for him and others to
report what was happening, and the mindset of those involved. Next, report what was happening, and the mindset of those involved. Next,
skipping to change at line 408 skipping to change at line 410
Perhaps the most surreal document disclosures were when artists Perhaps the most surreal document disclosures were when artists
started writing fiction based on the documents. This was in 2016, started writing fiction based on the documents. This was in 2016,
when Laura Poitras built a secure room in New York to house the when Laura Poitras built a secure room in New York to house the
documents. By then, the documents were years out of date. And now documents. By then, the documents were years out of date. And now
they're over a decade out of date. (They were leaked in 2013, but they're over a decade out of date. (They were leaked in 2013, but
most of them were from 2012 or before.) most of them were from 2012 or before.)
I ended up being something of a public ambassador for the documents. I ended up being something of a public ambassador for the documents.
When I got back from Rio, I gave talks at a private conference in When I got back from Rio, I gave talks at a private conference in
Woods Hole, the Berkman Center at Harvard, something called the Woods Hole, the Berkman Center at Harvard, something called the
Congress and Privacy and Surveillance in Geneva, events at both CATO Congress on Privacy and Surveillance in Geneva, events at both CATO
and New America in DC, an event at the University of Pennsylvania, an and New America in DC, an event at the University of Pennsylvania, an
event at EPIC, a "Stop Watching Us" rally in DC, the RISCS conference event at EPIC, a "Stop Watching Us" rally in DC, the RISCS conference
in London, the ISF in Paris, and...then...at the IETF meeting in in London, the ISF in Paris, and...then...at the IETF meeting in
Vancouver in November 2013. (I remember little of this; I am Vancouver in November 2013. (I remember little of this; I am
reconstructing it all from my calendar.) reconstructing it all from my calendar.)
What struck me at the IETF was the indignation in the room, and the What struck me at the IETF was the indignation in the room, and the
calls to action. And there was action, across many fronts. We calls to action. And there was action, across many fronts. We
technologists did a lot to help secure the Internet, for example. technologists did a lot to help secure the Internet, for example.
skipping to change at line 655 skipping to change at line 657
recognise that the lesser risk is to honestly aim to provide the best recognise that the lesser risk is to honestly aim to provide the best
security and privacy practically possible. security and privacy practically possible.
4. Farzaneh Badii: Did Snowden's Revelations Help with Protecting Human 4. Farzaneh Badii: Did Snowden's Revelations Help with Protecting Human
Rights on the Internet? Rights on the Internet?
It is very difficult to empirically measure the effect of Snowden's It is very difficult to empirically measure the effect of Snowden's
revelations on human rights and the Internet. Anecdotally, we have revelations on human rights and the Internet. Anecdotally, we have
been witnessing dominant regulatory and policy approaches that impact been witnessing dominant regulatory and policy approaches that impact
technologies and services that are at the core of protecting human technologies and services that are at the core of protecting human
rights on the Internet. (A range of European Union laws that aims to rights on the Internet. (A range of European Union laws aims to
address online safety or concentration of data. There are many more address online safety or concentration of data. There are many more
regulations that have an impact on the Internet [Masnick2023].) regulations that have an impact on the Internet [Masnick2023].)
There has been little progress in fixing technical and policy issues There has been little progress in fixing technical and policy issues
that help enable human rights. Snowden revelations did not have a that help enable human rights. The Snowden revelations did not
revolutionary effect on our approach towards not using policies and revolutionize the Internet governance and technical approaches to
technical means that have an effect on human rights such as freedom support human rights such as freedom of expression, freedom of
of expression, freedom of association and assembly, and privacy. It association and assembly, and privacy. It did not decrease the
did not decrease the number of Internet shutdowns nor the eagerness number of Internet shutdowns nor the eagerness of authoritarian (and
of authoritarian (and even to some extent democratic) countries to even to some extent democratic) countries to territorialize the
territorialize the Internet. In some cases, the governments argued Internet. In some cases, the governments argued that they should
that they should have more data sovereignty or Internet sovereignty. have more data sovereignty or Internet sovereignty. Perhaps the
Perhaps the revelations helped with the evolution of some technical revelations helped with the evolution of some technical and policy
and policy aspects. aspects.
After Snowden's revelations 10 years ago, engineers and advocates at After Snowden's revelations 10 years ago, engineers and advocates at
the IETF responded in a few ways. One prominent response was the the IETF responded in a few ways. One prominent response was the
issuance of a BCP document, "Pervasive Monitoring Is an Attack" issuance of a BCP document, "Pervasive Monitoring Is an Attack"
[RFC7258] by Farrell and Tschofenig. The responses to the Snowden [RFC7258] by Farrell and Tschofenig. The responses to the Snowden
revelations did not mean that IETF had lost sight of issues such as revelations did not mean that IETF had lost sight of issues such as
privacy and surveillance. There were instances of resistance to privacy and surveillance. There were instances of resistance to
surveillance in the past by engineers (we do not delve into how surveillance in the past by engineers (we do not delve into how
successful that was in protecting human rights). However, successful that was in protecting human rights). However,
historically, many engineers believed that widespread and habitual historically, many engineers believed that widespread and habitual
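Review bot: In the rewritten paragraph of Section 4, the subject is now the plural "The Snowden revelations did not revolutionize ...", but the next sentence still begins "It did not decrease the number of Internet shutdowns". Suggest "They did not decrease ..." so the pronoun agrees with the new subject.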
skipping to change at line 698 skipping to change at line 700
Agency to carry out mass-scale surveillance were recognized by the Agency to carry out mass-scale surveillance were recognized by the
IETF before the Snowden revelations [Garfinkel1995] [RFC6462]. In IETF before the Snowden revelations [Garfinkel1995] [RFC6462]. In
2012, Joy Liddicoat and Avri Doria wrote a report for the Internet 2012, Joy Liddicoat and Avri Doria wrote a report for the Internet
Society that extensively discussed the processes and principles of Society that extensively discussed the processes and principles of
human rights and Internet protocols [Doria2012]. human rights and Internet protocols [Doria2012].
Perhaps the Snowden revelations brought more attention to the IETF Perhaps the Snowden revelations brought more attention to the IETF
and its work as it related to important issues, such as privacy and and its work as it related to important issues, such as privacy and
freedom of expression. It might have also expedited and helped with freedom of expression. It might have also expedited and helped with
more easily convening the Human Rights Protocol Considerations more easily convening the Human Rights Protocol Considerations
Research Group in the Internet Research Task Force (IRTF). Co- Research Group (HRPC) in the Internet Research Task Force (IRTF) in
chaired by Niels ten Oever (who worked at Article 19 at the time) and July 2015. The HRPC RG was originally co-chaired by Niels ten Oever
Internet governance activist Avri Doria, the IRTF in July 2015 (who worked at Article 19 at the time) and Internet governance
chartered a research group on "Human Rights Protocol Considerations" activist Avri Doria. The charter of the HRPC RG states that the
(the HRPC RG). The charter of the HRPC RG stated that the group was group was established: "to research whether standards and protocols
established: "to research whether standards and protocols can enable, can enable, strengthen or threaten human rights, as defined in the
strengthen or threaten human rights, as defined in the Universal Universal Declaration of Human Rights (UDHR) and the International
Declaration of Human Rights (UDHR) and the International Covenant on Covenant on Civil and Political Rights (ICCPR)."
Civil and Political Rights (ICCPR)."
During the past decade, a few successful strides were made to create During the past decade, a few successful strides were made to create
protocols that, when and if implemented, aim at protecting privacy of protocols that, when and if implemented, aim at protecting privacy of
the users, as well as help with reducing pervasive surveillance. the users, as well as help with reducing pervasive surveillance.
These efforts were in keeping with the consensus of the IETF found in These efforts were in keeping with the consensus of the IETF found in
RFC 7258. Sometimes these protocols have anti-censorship qualities RFC 7258. Sometimes these protocols have anti-censorship qualities
as well. A few examples immediately come to mind: 1) the encryption as well. A few examples immediately come to mind: 1) the encryption
of DNS queries (for example, DNS over HTTPS), 2) ACME protocol of DNS queries (for example, DNS over HTTPS), 2) ACME protocol
underpinning the Let's Encrypt initiative, and 3) Registration Data underpinning the Let's Encrypt initiative, and 3) Registration Data
Access Protocol (RDAP) [RFC7480] [RFC7481] [RFC8056] [RFC9082] Access Protocol (RDAP) [RFC7480] [RFC7481] [RFC8056] [RFC9082]
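Review bot: The new wording introduces the abbreviation as "Research Group (HRPC)" and then uses "HRPC RG" in the following two sentences, so the defined form and the form actually used do not match. Suggest introducing it as "Human Rights Protocol Considerations (HRPC) Research Group" or "(HRPC RG)" at first use.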
skipping to change at line 793 skipping to change at line 794
addresses causes acquiring them to be interpreted as buying something addresses causes acquiring them to be interpreted as buying something
of value), though the same consideration may not apply to IPv6 of value), though the same consideration may not apply to IPv6
address resources. But IPv6 adoption itself depends on a host of address resources. But IPv6 adoption itself depends on a host of
complex factors that are by no means limited to technical comparisons complex factors that are by no means limited to technical comparisons
of the properties of IPv4 and IPv6. Someone focused only on of the properties of IPv4 and IPv6. Someone focused only on
technical features of protocols may devise an elegant solution but be technical features of protocols may devise an elegant solution but be
surprised both by deployment challenges and unintended downstream surprised both by deployment challenges and unintended downstream
effects. Sometimes there are arguments over implementation of a effects. Sometimes there are arguments over implementation of a
protocol because as it is perceived, while it can protect freedom of protocol because as it is perceived, while it can protect freedom of
expression and reduce surveillance, it can hamper other human rights. expression and reduce surveillance, it can hamper other human rights.
For instance, we still have doubts about implementing DNS over HTTPS For instance, the technical community and some network operators
without seriously considering its contributions to fight with still have doubts about the implementation of DNS over HTTPS, despite
censorship and bring encryption to DNS queries. The arguments its potential to circumvent censorship and its ability to encrypt DNS
against implementation of DoH include protection of children online queries. The arguments against implementation of DoH include
and lack of law enforcement access to data. protection of children online and lack of law enforcement access to
data.
We must acknowledge that sometimes the technical solutions that we We must acknowledge that sometimes the technical solutions that we
use that protect one right (for example, encryption to protect the use that protect one right (for example, encryption to protect the
right to privacy or to prevent surveillance) could potentially affect right to privacy or to prevent surveillance) could potentially affect
technical and policy solutions that try to protect other human rights technical and policy solutions that try to protect other human rights
(for example, encryption could prevent financial institutions from (for example, encryption could prevent financial institutions from
monitoring employees' network activities to detect fraudulent monitoring employees' network activities to detect fraudulent
behavior). Acknowledging and identifying these conflicts can help us behavior). Acknowledging and identifying these conflicts can help us
come up with alternative techniques that could protect human rights come up with alternative techniques that could protect human rights
while not hampering other technical solutions such as encryption. while not hampering other technical solutions such as encryption.
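Review bot: The revised DNS over HTTPS sentence is followed by "The arguments against implementation of DoH include ...", but the lines shown never expand "DoH"; the earlier mentions spell the protocol out in full. Suggest "DNS over HTTPS (DoH)" at the first mention in this paragraph. The unchanged sentence just before it, "because as it is perceived, while it can protect freedom of expression", is also hard to parse and could be tidied in the same pass.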
skipping to change at line 837 skipping to change at line 839
for [Badii2021]). Contextualization and impact assessment can reveal for [Badii2021]). Contextualization and impact assessment can reveal
how each Internet protocol or each line of code, in which systems, how each Internet protocol or each line of code, in which systems,
have an impact on which and whose human rights. have an impact on which and whose human rights.
The HRPC RG (which I am a part of) and the larger human rights and The HRPC RG (which I am a part of) and the larger human rights and
policy analyst communities are still struggling to analyze legal, policy analyst communities are still struggling to analyze legal,
social, and market factors alongside the protocols to have a good social, and market factors alongside the protocols to have a good
understanding of what has an impact and what has to be changed. It understanding of what has an impact and what has to be changed. It
is hard, but it is not impossible. If we thoroughly document and is hard, but it is not impossible. If we thoroughly document and
research the lifecycle of an Internet protocol and contextualize it, research the lifecycle of an Internet protocol and contextualize it,
we might have a better understanding of how and if we can actually we might have a better understanding of which parts of the protocol
fix which parts of the protocol in order to protect human rights. to fix and how to fix them in order to protect human rights.
Overall, the revelations did, to some extent, contribute to the Overall, the revelations did, to some extent, contribute to the
evolution of our ideas and perspectives. Our next step should be to evolution of our ideas and perspectives. Our next step should be to
undertake research on the impact of Internet systems (including undertake research on the impact of Internet systems (including
Internet protocols) on human rights, promote the implementation of Internet protocols) on human rights, promote the implementation of
protocols good for human rights through policy and advocacy, and protocols good for human rights through policy and advocacy, and
focus on which technical parts we can standardize to help with more focus on which technical parts we can standardize to help with more
widespread implementation of human-rights-enabling Internet widespread implementation of human-rights-enabling Internet
protocols. protocols.
skipping to change at line 890 skipping to change at line 892
[Kahn1996]. In Elizabethan times in England, Sir Francis [Kahn1996]. In Elizabethan times in England, Sir Francis
Walsingham's intelligence agency intercepted and decrypted messages Walsingham's intelligence agency intercepted and decrypted messages
from Mary, Queen of Scots; these messages formed some of the from Mary, Queen of Scots; these messages formed some of the
strongest evidence against her and eventually led to her execution strongest evidence against her and eventually led to her execution
[Kahn1996]. [Kahn1996].
This pattern continued for centuries. In the United States, Thomas This pattern continued for centuries. In the United States, Thomas
Jefferson invented the so-called wheel cipher in the late 18th Jefferson invented the so-called wheel cipher in the late 18th
century; it was reinvented about 100 years later by Étienne Bazeries century; it was reinvented about 100 years later by Étienne Bazeries
and used as a standard American military cipher well into World War and used as a standard American military cipher well into World War
II [Kahn1996]. Jefferson and other statesmen of that era regularly II [Kahn1996]. Jefferson and other statesmen of the late 18th and
used cryptography when communicating with each other. An encrypted early 19th centuries regularly used cryptography when communicating
message was even part of the evidence introduced in Aaron Burr's 1807 with each other. An encrypted message was even part of the evidence
trial for treason [Kerr2020] [Kahn1996]. Edgar Allan Poe claimed introduced in Aaron Burr's 1807 trial for treason [Kerr2020]
that he could cryptanalyze any message sent to him [Kahn1996]. [Kahn1996]. Edgar Allan Poe claimed that he could cryptanalyze any
message sent to him [Kahn1996].
The telegraph era upped the ante. In the US, just a year after The telegraph era upped the ante. In the US, just a year after
Samuel Morse deployed his first telegraph line between Baltimore and Samuel Morse deployed his first telegraph line between Baltimore and
Washington, his business partner, Francis Smith, published a codebook Washington, his business partner, Francis Smith, published a codebook
to help customers protect their traffic from prying eyes [Smith1845]. to help customers protect their traffic from prying eyes [Smith1845].
In 1870, Britain nationalized its domestic telegraph network; in In 1870, Britain nationalized its domestic telegraph network; in
response, Robert Slater published a more sophisticated codebook response, Robert Slater published a more sophisticated codebook
[Slater1870]. On the government side, Britain took advantage of its [Slater1870]. On the government side, Britain took advantage of its
position as the central node in the world's international telegraphic position as the central node in the world's international telegraphic
networks to read a great deal of traffic passing through the country networks to read a great deal of traffic passing through the country
skipping to change at line 1012 skipping to change at line 1015
was clearly insisted on by the NSA: the key size was shortened, from was clearly insisted on by the NSA: the key size was shortened, from
Lucifer's 112 bits to DES's 56 bits. We now know that the NSA wanted Lucifer's 112 bits to DES's 56 bits. We now know that the NSA wanted
a 48-bit key size, while IBM wanted 64 bits; they compromised at 56 a 48-bit key size, while IBM wanted 64 bits; they compromised at 56
bits. bits.
Whitfield Diffie and Martin Hellman, at Stanford University, wondered Whitfield Diffie and Martin Hellman, at Stanford University, wondered
about the 56-bit keys. In 1979, they published a paper demonstrating about the 56-bit keys. In 1979, they published a paper demonstrating
that the US government, but few others, could afford to build a that the US government, but few others, could afford to build a
brute-force cracking machine, one that could try all 2^56 possible brute-force cracking machine, one that could try all 2^56 possible
keys to crack a message. NSA denied tampering with the design; a keys to crack a message. NSA denied tampering with the design; a
Senate investigating committee found that that was correct, but did Senate investigating committee found that assertion to be correct,
not discuss the shortened key length issue. but did not discuss the shortened key length issue.
This, however, was not Diffie and Hellman's greatest contribution to This, however, was not Diffie and Hellman's greatest contribution to
cryptology. A few years earlier, they published a paper inventing cryptology. A few years earlier, they had published a paper
what is now known as public key cryptography. (In fact, public key inventing what is now known as public key cryptography. (In fact,
encryption had been invented a few years earlier at UK Government public key encryption had been invented a few years earlier at UK
Communications Headquarters (GCHQ), but they kept their discovery Government Communications Headquarters (GCHQ), but they kept their
classified until 1997.) In 1978, Ronald Rivest, Adi Shamir, and discovery classified until 1997.) In 1978, Ronald Rivest, Adi
Leonard Adleman devised the RSA algorithm, which made it usable. (An Shamir, and Leonard Adleman devised the RSA algorithm, which made it
NSA employee, acting on his own, sent a letter warning that academic usable. (An NSA employee, acting on his own, sent a letter warning
conferences on cryptology might violate US export laws.) that academic conferences on cryptology might violate US export
laws.)
Around the same time, George Davida at the University of Wisconsin Around the same time, George Davida at the University of Wisconsin
applied for a patent on a stream cipher; the NSA slapped a secrecy applied for a patent on a stream cipher; the NSA slapped a secrecy
order on the application. This barred him from even talking about order on the application. This barred him from even talking about
his invention. The publicity was devastating; the NSA had to back his invention. The publicity was devastating; the NSA had to back
down. down.
The Crypto Wars had thus begun: civilians were inventing strong The Crypto Wars had thus begun: civilians were inventing strong
encryption systems, and the NSA was tampering with them or trying to encryption systems, and the NSA was tampering with them or trying to
suppress them. Bobby Inman, the then-director of the NSA, tried suppress them. Bobby Inman, the then-director of the NSA, tried
skipping to change at line 1291 skipping to change at line 1295
(acme)", <https://datatracker.ietf.org/wg/acme/about/>. (acme)", <https://datatracker.ietf.org/wg/acme/about/>.
[Adrian2015] [Adrian2015]
Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P., Adrian, D., Bhargavan, K., Durumeric, Z., Gaudry, P.,
Green, M., Halderman, J. A., Heninger, N., Springhall, D., Green, M., Halderman, J. A., Heninger, N., Springhall, D.,
Thomé, E., Valenta, L., VanderSloot, B., Wustrow, E., Thomé, E., Valenta, L., VanderSloot, B., Wustrow, E.,
Zanella-Béguelin, S., and P. Zimmermann, "Imperfect Zanella-Béguelin, S., and P. Zimmermann, "Imperfect
Forward Secrecy: How Diffie-Hellman Fails in Practice", Forward Secrecy: How Diffie-Hellman Fails in Practice",
CCS '15: Proceedings of the 22th ACM Conference on CCS '15: Proceedings of the 22th ACM Conference on
Computer and Communications Security, October 2015, Computer and Communications Security, October 2015,
<https://weakdh.org/imperfect-forward-secrecy.pdf>. <https://dl.acm.org/doi/10.1145/2810103.2813707>.
[Badii2021] [Badii2021]
Badiei, F., Fidler, B., and The Pennsylvania State Badiei, F., Fidler, B., and The Pennsylvania State
University Press, "The Would-Be Technocracy: Evaluating University Press, "The Would-Be Technocracy: Evaluating
Efforts to Direct and Control Social Change with Internet Efforts to Direct and Control Social Change with Internet
Protocol Design", Journal of Information Policy, vol. 11, Protocol Design", Journal of Information Policy, vol. 11,
pp. 376-402, DOI 10.5325/jinfopoli.11.2021.0376, December pp. 376-402, DOI 10.5325/jinfopoli.11.2021.0376, December
2021, <https://doi.org/10.5325/jinfopoli.11.2021.0376>. 2021, <https://doi.org/10.5325/jinfopoli.11.2021.0376>.
[Badii2023] [Badii2023]
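Review bot: The [Adrian2015] entry has its URL updated, but the venue still reads "Proceedings of the 22th ACM Conference" in both versions. Suggest correcting "22th" to "22nd" while this reference is being touched.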
skipping to change at line 1321 skipping to change at line 1325
[BellovinRescorla2006] [BellovinRescorla2006]
Bellovin, S. M. and E. K. Rescorla, "Deploying a New Hash Bellovin, S. M. and E. K. Rescorla, "Deploying a New Hash
Algorithm", Proceedings of NDSS '06, February 2006, Algorithm", Proceedings of NDSS '06, February 2006,
<https://www.cs.columbia.edu/~smb/papers/new-hash.pdf>. <https://www.cs.columbia.edu/~smb/papers/new-hash.pdf>.
[Blaze1994] [Blaze1994]
Blaze, M., "Protocol Failure in the Escrowed Encryption Blaze, M., "Protocol Failure in the Escrowed Encryption
Standard", CCS '94: Proceedings of Second ACM Conference Standard", CCS '94: Proceedings of Second ACM Conference
on Computer and Communications Security, 1994, on Computer and Communications Security, 1994,
<https://www.mattblaze.org/papers/eesproto.pdf>. <https://dl.acm.org/doi/10.1145/191177.191193>.
[Borda2011] [Borda2011]
Borda, M., "Fundamentals in Information Theory and Borda, M., "Fundamentals in Information Theory and
Coding", Springer-Berlin, May 2011. Coding", Springer-Berlin, May 2011.
[Broad1982] [Broad1982]
Broad, W. J., "Evading the Soviet Ear at Glen Cove", Broad, W. J., "Evading the Soviet Ear at Glen Cove",
Science, 217:4563, pp. 910-911, September 1982. Science, 217:4563, pp. 910-911, September 1982,
<https://www.science.org/doi/abs/10.1126/
science.217.4563.910>.
[CFRG] IRTF, "Crypto Forum (cfrg)", [CFRG] IRTF, "Crypto Forum (cfrg)",
<https://datatracker.ietf.org/rg/cfrg/about/>. <https://datatracker.ietf.org/rg/cfrg/about/>.
[Checkoway2016] [Checkoway2016]
Checkoway, S., Maskiewicz, J., Garman, C., Fried, J., Checkoway, S., Maskiewicz, J., Garman, C., Fried, J.,
Cohney, S., Green, M., Heninger, N., Weinmann, R. P., Cohney, S., Green, M., Heninger, N., Weinmann, R. P.,
Rescorla, E., and Hovav Shacham, "A Systematic Analysis of Rescorla, E., and Hovav Shacham, "A Systematic Analysis of
the Juniper Dual EC Incident", CCS '16: Proceedings of the the Juniper Dual EC Incident", CCS '16: Proceedings of the
2016 ACM SIGSAC Conference on Computer and Communications 2016 ACM SIGSAC Conference on Computer and Communications
Security, pp. 468-479, October 2016, Security, pp. 468-479, October 2016,
<https://dl.acm.org/citation.cfm?id=2978395>. <https://dl.acm.org/citation.cfm?id=2978395>.
[CURDLE] IETF, "CURves, Deprecating and a Little more Encryption [CURDLE] IETF, "CURves, Deprecating and a Little more Encryption
(curdle)", (curdle)",
<https://datatracker.ietf.org/wg/curdle/about/>. <https://datatracker.ietf.org/wg/curdle/about/>.
[Curtiz] Curtiz, M., "Casablanca", Warner Bros. Pictures, November [Curtiz] Curtiz, M., Epstein, J. J., Epstein, P. G., and H. Koch,
1942. "Casablanca", Warner Bros. Pictures, November 1942.
[Doria2012] [Doria2012]
Liddicoat, J. and A. Doria, "Human Rights and Internet Liddicoat, J. and A. Doria, "Human Rights and Internet
Protocols: Comparing Processes and Principles", The Protocols: Comparing Processes and Principles", The
Internet Society, December 2012, Internet Society, December 2012,
<https://www.internetsociety.org/resources/doc/2012/human- <https://www.internetsociety.org/resources/doc/2012/human-
rights-and-internet-protocols-comparing-processes-and- rights-and-internet-protocols-comparing-processes-and-
principles/>. principles/>.
[Dual-EC] Bernstein, D., Lange, T., and R. Niederhagen, "Dual EC: A [Dual-EC] Bernstein, D., Lange, T., and R. Niederhagen, "Dual EC: A
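Review bot: [Checkoway2016] still points at the older "dl.acm.org/citation.cfm?id=2978395" form, while [Blaze1994] in this hunk and [Adrian2015] in the previous one were moved to "dl.acm.org/doi/..." links. Suggest switching this entry to its DOI link as well for consistency. The same entry lists "Hovav Shacham" with a full given name where every other author is given as initials.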
skipping to change at line 1400 skipping to change at line 1406
Secret Communication from Ancient Times to the Internet", Secret Communication from Ancient Times to the Internet",
2nd Edition, Scribner, 1996. 2nd Edition, Scribner, 1996.
[Kennedy1971] [Kennedy1971]
Kennedy, P. M., "Imperial cable communications and Kennedy, P. M., "Imperial cable communications and
strategy, 1870-1914", English Historical Review, 86:341, strategy, 1870-1914", English Historical Review, 86:341,
pp. 728-752, Oxford University Press, October 1971, pp. 728-752, Oxford University Press, October 1971,
<https://www.jstor.org/stable/563928>. <https://www.jstor.org/stable/563928>.
[Kerr2020] Kerr, O. S., "Decryption Originalism: The Lessons of [Kerr2020] Kerr, O. S., "Decryption Originalism: The Lessons of
Burr", Harvard Law Review, 134:905, January 2021. Burr", Harvard Law Review, 134:905, January 2021,
<https://papers.ssrn.com/sol3/
papers.cfm?abstract_id=3533069>.
[Kostyuk2022] [Kostyuk2022]
Kostyuk, N. and S. Landau, "Dueling over DUAL_EC_DRBG: The Kostyuk, N. and S. Landau, "Dueling over DUAL_EC_DRBG: The
Consequences of Corrupting a Cryptographic Standardization Consequences of Corrupting a Cryptographic Standardization
Process", Harvard National Security Journal, 13:2, pp. Process", Harvard National Security Journal, 13:2, pp.
224-284, June 2022, <https://www.harvardnsj.org/wp- 224-284, June 2022, <https://www.harvardnsj.org/wp-
content/uploads/sites/13/2022/06/Vol13Iss2_Kostyuk- content/uploads/sites/13/2022/06/Vol13Iss2_Kostyuk-
Landau_Dual-EC-DRGB.pdf>. Landau_Dual-EC-DRGB.pdf>.
[Landau1988] [Landau1988]
Landau, S., "Zero Knowledge and the Department of Landau, S., "Zero Knowledge and the Department of
Defense", Notices of the American Mathematical Society, Defense", Notices of the American Mathematical Society,
35:1, pp. 5-12, January 1988. 35:1, pp. 5-12, January 1988,
<https://privacyink.org/pdf/Zero_Knowledge.pdf>.
[Landau2014] [Landau2014]
Landau, S., "Under the Radar: NSA's Efforts to Secure Landau, S., "Under the Radar: NSA's Efforts to Secure
Private-Sector Telecommunications Infrastructure", Journal Private-Sector Telecommunications Infrastructure", Journal
of National Security Law & Policy, 7:3, September 2014. of National Security Law & Policy, 7:3, September 2014,
<https://jnslp.com/wp-content/uploads/2015/03/
NSA%E2%80%99s-Efforts-to-Secure-Private-Sector-
Telecommunications-Infrastructure_2.pdf>.
[LE] Aas, J., Barnes, R., Case, B., Durumeric, Z., Eckersley, [LE] Aas, J., Barnes, R., Case, B., Durumeric, Z., Eckersley,
P., Flores-López, A., Halderman, A., Hoffman-Andrews, J., P., Flores-López, A., Halderman, A., Hoffman-Andrews, J.,
Kasten, J., Rescorla, E., Schoen, S. D., and B. Warren, Kasten, J., Rescorla, E., Schoen, S. D., and B. Warren,
"Let's Encrypt: An Automated Certificate Authority to "Let's Encrypt: An Automated Certificate Authority to
Encrypt the Entire Web", CCS '19: Proceedings of the 2019 Encrypt the Entire Web", CCS '19: Proceedings of the 2019
ACM SIGSAC Conference on Computer and Communications ACM SIGSAC Conference on Computer and Communications
Security, November 2019, Security, November 2019,
<https://dl.acm.org/doi/pdf/10.1145/3319535.3363192>. <https://dl.acm.org/doi/pdf/10.1145/3319535.3363192>.
skipping to change at line 1457 skipping to change at line 1469
espionage/>. espionage/>.
[Moore2015] [Moore2015]
Moore, H. D., "CVE-2015-7755: Juniper ScreenOS Moore, H. D., "CVE-2015-7755: Juniper ScreenOS
Authentication Backdoor", Rapid7, December 2015, Authentication Backdoor", Rapid7, December 2015,
<https://www.rapid7.com/blog/post/2015/12/20/cve- <https://www.rapid7.com/blog/post/2015/12/20/cve-
2015-7755-juniper-screenos-authentication-backdoor/>. 2015-7755-juniper-screenos-authentication-backdoor/>.
[MPLS-OPPORTUNISTIC-ENCRYPT] [MPLS-OPPORTUNISTIC-ENCRYPT]
Farrel, A. and S. Farrell, "Opportunistic Security in MPLS Farrel, A. and S. Farrell, "Opportunistic Security in MPLS
Networks", Work in Progress, Internet-Draft, draft- Networks", Work in Progress, Internet-Draft, draft-ietf-
farrelll-mpls-opportunistic-encrypt-05, 17 June 2015, mpls-opportunistic-encrypt-03, 28 March 2017,
<https://datatracker.ietf.org/doc/html/draft-farrelll- <https://datatracker.ietf.org/doc/html/draft-ietf-mpls-
mpls-opportunistic-encrypt-05>. opportunistic-encrypt-03>.
[Perpass] IETF, "perpass mailing list", [Perpass] IETF, "perpass mailing list",
<https://mailarchive.ietf.org/arch/browse/perpass/>. <https://mailarchive.ietf.org/arch/browse/perpass/>.
[Perpass-BoF] [Perpass-BoF]
IETF, "perpass BoF -- Handling Pervasive Monitoring in the IETF, "perpass BoF -- Handling Pervasive Monitoring in the
IETF", IETF 88 Proceedings, November 2013, IETF", IETF 88 Proceedings, November 2013,
<https://www.ietf.org/proceedings/88/perpass.html>. <https://www.ietf.org/proceedings/88/perpass.html>.
[Plenary-video] [Plenary-video]
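Review bot: In [MPLS-OPPORTUNISTIC-ENCRYPT], the draft name and date change from draft-farrelll-mpls-opportunistic-encrypt-05 (17 June 2015) to draft-ietf-mpls-opportunistic-encrypt-03 (28 March 2017), but the author list and title lines are carried over unchanged. Confirm that "Farrel, A. and S. Farrell" and the title match the -03 working-group document. Also confirm that the text citing this reference means the 2017 working-group draft and not the 2015 individual draft.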
 End of changes. 19 change blocks. 
61 lines changed or deleted 73 lines changed or added

This html diff was produced by rfcdiff 1.48.