Snowden's NSA Leaks Gave IETF a Needed Security Wake-up Call

alphadogg writes "Security and how to protect users from pervasive monitoring will dominate the proceedings when members of Internet Engineering Task Force meet in London starting Sunday. For an organization that develops the standards we all depend on for the Internet to work, the continued revelations made by NSA whistleblower Edward Snowden have had wide-ranging repercussions. 'It wasn't a surprise that some activities like this are going on. I think that the scale and some of the tactics surprised the community a little bit. ... You could also argue that maybe we needed the wake-up call,' said IETF Chairman Jari Arkko. Part of that work will also be to make security features easier to use and for the standards organization to think of security from day one when developing new protocols."

two words: trusted proxy

[bazmail]

they still suggest things that hep the spy agencies like utterly retarded "trusted proxy" garbage. they are either still asleep or part of the spying apparatus.

Re:two words: trusted proxy

[jonwil]

We need to replace both SSL/TLS AND the broken CA cert model with a new security system specifically designed so its NOT possible to build such a "trusted proxy" or otherwise MITM the connection even if you control the client (i.e. all those corporate solutions that require a special root certificate on the client and then use that to proxy SSL in a way that users generally wont notice unless they start looking at the certificate details)

Re:two words: trusted proxy

[mlyle]

Uh.. secure communications for the client even if the adversary controls the client? Good luck with that.

Re: two words: trusted proxy

[Anonymous Coward]

I'll give you a hint. If it involves a premise of "trusted" it can't be.