Date: Mon, 19 Jun 95 00:36:59 PDT
From: rogaway@cs.ucdavis.edu (Phil Rogaway)
To: rivest@theory.lcs.mit.edu
Subject: Terrible IETF Internet Drafts about to become Draft Standards
Cc: rogaway@cs.ucdavis.edu

Dear Ron, 

I don't know if you've been following what's been going on in the IETF 
IP Security Working Group.  My take: a group of people with little 
discernible cryptographic expertise have gone off and defined the 
security architecture and mechanisms for the next generation of the 
Internet Protocol.  Their work product (which you can find on the 
WWW under ftp://ds.internic.net/internet-drafts; the files are
<draft-ietf-ipsec-arch-02.txt>, <draft-ietf-ipsec-auth-02.txt>, 
<draft-ietf-ipsec-esp-01.txt>, <draft-ietf-ipsec-ah-md5-03.txt>, and
<draft-ietf-ipsec-esp-des-cbc-04.txt>) is a terribly flawed and immature 
set of documents.  

To the skilled cryptographers of our community, reading these documents 
will almost certainly yield the same conclusion.  But for whatever
reasons, this seems so far to have been irrelevant: those in power within 
the IETF seem set on proceeding with the current drafts.  I feel a bit 
like the child who shouts (in a voice no one hears) that the emperor 
wears no clothes....

I have come to realize that it is going to take someone with
substantially greater influence than I have to derail this
standardization push: my voice carries no weight among these people.
I have already spent many days time to read these drafts, follow what
transpires on an inane mailing, and provide criticisms to the Working
Group.  This input has been completely ignored.  You can find a copy
of one set of my criticisms (3 April 1995 mail to ipsec@ans.net) in
http://www.cs.ucdavis.edu/~rogaway/papers/draft-rogaway-ipsec-comments-00.txt.

The final call for comments, directed to the IESG (iesg@cnri.reston.va.us)
is now out.   Comments are due by June 30.  If you can afford the time to 
look over the above materials and form an opinion, your words 
will count far more than mine.   I defer to your judgment on how to provide 
feedback in a way to ensure it has an impact.  Some possibilities include:
I can draft a joint letter (which we can circulate for further signatures);
you could draft a letter individually; or you could have some
discussions "behind the scenes" (e.g., Jeff Schiller is the head of 
IP Security).  Additionally, a conference paper on this (e.g. for 
USENIX) might be worthwhile.

Please let me know your thoughts.  I suspect that these proposals will 
be virtually invincible once they become Draft Standards.  And I believe 
these particular documents becoming standards is a very bad thing for the 
future of the Internet.

Regards,
Phil Rogaway