Things are slowly coming out about what happened a month ago in New York city, and my initial questions still go unanswered, many excuses are being spun but very few answers are given freely, and this is really disappointing coming from the Mozilla guys.
Mozilla touts, like many open source projects that being open and free is a major benefit to society, yet they then have the hide to turn round and conspire with commercial interests behind close door for what we’re being told will be the benefit of the internet.
I’m not sure about anyone else but my memory isn’t that bad that I’ve forgotten how US commercial interests don’t do anything unless it will effect their bottom line, either for increased profits, or due to regulatory disputes planning to inflict fines or other restrictions that will hurt their bottom line. This is highlighted only too well in the current SPF vs Sender ID debate, Microsoft as usual came in late to the game thinking, “we’ve missed another boat, what the hell do we do now?”. What they came up with, was a small variation of SPF then turned round and requested a patent on their “innovation”!
Microsoft then did what Microsoft always does, turned round and tried to inflict their “invention” on us, but it was no olive branch, it was a thorny stem with no rose on the end, basically they have and are still trying to take control of email via a patented invention that does very little more then what SPF does, in fact they are still trying to push through their “invention” by brute force. Since the MADRID task force collapsed due to lack of consensus, Microsoft has a solution lacking mass adoption, so they are planning to mark any email being sent to their domains as junk that don’t support (or properly support) Sender ID.
So anyway back to the current story, basically Mozilla hasn’t learnt from history and they actually think they will be able to do more good then harm from closed door talks then what happened with MADRID. I doubt anyone will claim the internet could be where it is without open standards, and open discussions preceding before that, hell CAcert thrives based on open discussions, there are a lot of smart people out there with a lot of good ideas and we’d be mad to simply ignore them.
However this is exactly what the Mozilla guys have done, and in the process alienated a lot of smart specialists in the area they are trying to define, the end result will be that we all suffer, and a very good example of where this has happened in the past is with Wifi security (this is after all how CAcert begun, bad Wifi security needing something else to protect information), basically cryptography experts weren’t consulted openly and we ended up with something basically a waste of time that can be cracked in minutes, so tell me how those closed door talks helped society exactly.
Ian from FinancialCryptography has some more information on the topic on his blog as well, which is well worth the read. https://www.financialcryptography.com/mt/archives/000514.html