[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Marsh Ray marsh at extendedsubset.com
Thu Dec 16 20:06:35 EST 2010

On 12/16/2010 04:46 PM, Steven Bellovin wrote:
> I've known Angelos Keromytis since about 1997; he's now a colleague
> of mine on the faculty at Columbia.  I've known John Ioannidis -- the
> other name attached to that code -- for considerably longer.  I've
> written papers with both of them.  To anyone who knows them, the
> thought that either would insert a bug at the FBI's behest is, shall
> we say, preposterous.

For the record, though I don't know him, I agree with that sentiment.

There were some wild accusations made and widely repeated, I'm trying my 
best to stick to facts and not direct accusations about anyone.

There was a need for facts, so I went diving into CVS logs and mailing 
list archives. This is some of the stuff I found that might fit the 
claims. I would be very reluctant to draw any conclusions for a long time.

Possibly the thing which gets proven here is that even high-quality 
clean C code is very difficult to make provable statements about, even 
with the benefit of hindsight.

- Marsh

More information about the cryptography mailing list