November 24, 2025
Standards, scandals, seatbelts
NSA and IETF, part 3: Dodging the issues at hand
IETF’s crypto fight goes full reality show: memes, receipts, and seatbelts
TLDR: IETF is accused of fast-tracking an NSA-backed web security option without true agreement. Commenters split between memes and evidence drops, debating whether djb is exposing broken process or pushing conspiracy vibes—because how we standardize encryption affects everyone’s online safety.
The internet standards soap opera just hit a new season: a US standards group (IETF) is pushing an NSA-backed “non-hybrid” security option for web connections, while critics say the safe move is the hybrid approach—think old seatbelt + new airbag. The blog’s author (cryptography icon D. J. Bernstein, aka djb) alleges the process was rigged, objections ignored, and appeals stonewalled with excuses like “PDF discourages participation.” The comments instantly turned into a meme-fueled courtroom. One user channeled viral council chaos—“You have no authority here, djb!”—while others defended djb’s legacy and said the blog reads like Bigfoot-but-math conspiracy vibes. Receipts were dropped: NIST email drama, FOIA lawsuits, and djb’s past critiques of government crypto (Kyber-512). Behind the memes, the core beef is simple: “consensus” means agreement, not just “lots of people willing to skim a draft.” Fans frame it as process integrity vs. security shortcuts; skeptics say the tone undermines the message. One camp calls it corruption and censorship in internet plumbing. The other shrugs—standardization is messy, rough consensus is fine, ship it. And yes, the “cars without seatbelts” analogy got quoted like a TikTok sound bite. Buckle up: now the IETF’s steering group wants answers on whether “consensus” was called properly, turning a niche crypto debate into a full-blown governance drama.
Key Points
- •The IETF TLS Working Group is standardizing hybrid ECC+PQ for TLS, while a separate non-hybrid PQ draft associated with the NSA is being advanced as another option.
- •In April 2025, the TLS WG chairs called for adoption of the non-hybrid draft; the author reports 20 supports, 2 conditional supports, and 7 oppositions during the call.
- •Despite objections, the chairs declared consensus to adopt; an area director stated there were 67 responses with a vast majority favoring adoption.
- •The chairs later justified the consensus decision by citing sufficient interest and willingness to review, which the author challenges.
- •Complaints were escalated: to security area directors in June 2025, then to the IESG in August; in November 2025, the IESG instructed the area director to assess whether rough consensus was appropriately called for draft-connolly-tls-mlkem-key-agreement.