[ih] Security issues are not discussed in this memo [was: A revolution...]

Thu May 14 20:09:45 PDT 2026

In the 1990s, I remember seeing in various trade press entire articles 
that I had written - that I had never seen before.  It turned out that 
ghost-written articles were being written by someone and submitted with 
my name as author.

Weren't there efforts back then to define standards for proving 
authorship using digital signatures or such stuff...?  What ever 
happened to that?

/Jack Haverty

On 5/14/26 16:30, vinton cerf via Internet-history wrote:
> I sure do NoT remember that quote!!!
>
> v
>
>
> On Thu, May 14, 2026 at 6:36 PM Barbara Denny via Internet-history <
> internet-history at elists.isoc.org> wrote:
>
>>   Not sure what you were thinking when you said serious and which people.
>> I imagine many people aren't familiar with this law case (Note John
>> Markoff reporting in all the original articles)
>> https://www.nytimes.com/1992/12/08/us/hacker-indicted-on-spy-charges.html
>> Then there is this long running case  around the same timeframe
>>
>> https://archive.nytimes.com/www.nytimes.com/library/cyber/hackstock/950217hacker-case-underscores.html
>> Vint is quoted in the link above.
>> John Markoff also covered the Morris Worm
>> This link is more of a retrospective of that event.
>>
>> https://www.nytimes.com/times-insider/2014/08/06/1988-the-internet-comes-down-with-a-virus/
>> This article also claims the Markoff piece on the Morris worm is the first
>> time the Internet is mentioned in the NY Times.
>> barbara
>>      On Thursday, May 14, 2026 at 11:03:06 AM PDT, Barbara Denny <
>> b_a_denny at yahoo.com> wrote:
>>
>>    Another name popped up into my head whose works on security you might
>> want to look into is Dorothy Denning. She also spent some time at SRI.
>> When I first got to SRI, she was mentioned to me because of the similarity
>> of our last names.
>> BTW, if you can't reach Peter I might be able to help.  I know Peter more
>> through music (bassoonist).
>> barbara
>>
>>      On Monday, May 11, 2026 at 04:51:19 PM PDT, the keyboard of geoff
>> goodfellow via Internet-history <internet-history at elists.isoc.org>
>> wrote:
>>
>>   vis-a-vis the Morris worm released in November 1988:
>>
>> The Berkeley Hillside Club on Feb 24, 2022 had a Fireside Meeting with Eric
>> Allman -- the programmer who developed sendmail "... about those early,
>> heady days as electronic communication began to be an essential part of all
>> of our lives. This conversation will discuss the origins of sendmail, the
>> attitudes of the time, and how the Internet grew and changed over the
>> years."
>>
>> During this Fireside Meetings Q&A yours truly asked Eric:
>>
>> *"Could you give some backstory about the sendmail DEBUG command that
>> contributed to the Morris Internet Worm incident of 1988?"*
>>
>> his backstory reply is queued below at the 51:15 minute mark:
>>
>> https://youtu.be/j6h-jCxtSDA?si=EepWGNh4Yv5ckv1l&t=3075
>>
>> g
>>
>> On Mon, May 11, 2026 at 2:10 PM Greg Skinner via Internet-history <
>> internet-history at elists.isoc.org> wrote:
>>
>>> On May 10, 2026, at 9:31 PM, Brian E Carpenter <
>>> brian.e.carpenter at gmail.com> wrote:
>>>> On 11-May-26 12:09, Greg Skinner via Internet-history wrote:
>>>> ...
>>>>> I’m not sure what Andrew Sullivan meant by “give away.” IMO, the USG
>>> had a much more liberal attitude towards 1970s and 1980s Internet
>>> technology, as well as the Internet itself, than it did towards
>>> cryptographic technology at that time.  The history of PGP <
>>> https://en.wikipedia.org/wiki/Pretty_Good_Privacy> provides an example
>> of
>>> this.  If the Internet and/or Internet technology had been subject to
>>> tighter access and export controls, neither might have (as easily) become
>>> what they are today.  (I realize there is a lot more to this, and would
>>> welcome others who have much more experience than I do in this area to
>>> comment.)
>>>> When did people start to think seriously about security (which is much
>>> more than cryptography, of course)?
>>>> It was RFC 1311 (March 1992) that introduced the infamous phrase
>>> "Security issues are not discussed in this memo" which was used quite
>>> liberally for a long time. "Security Considerations" sections in RFCs
>> seem
>>> have become normal around 1989, but most of them were very weak for many
>>> years. (At CERN, we saw elementary attacks from about 1986, mainly via
>>> DECNET, and we first appointed a network security person in about 1988.)
>>>> Of course, by the time the PGP mess came along, it was clear that NSA
>>> and its friends were taking a lot of interest in the Internet, and we
>> poked
>>> the hornet's nest in the mid-1990s with RFC 1984. But DARPA funding was
>>> gone by then.
>>>> Regards/Ngā mihi
>>>>   Brian Carpenter
>>>  From what I remember, there were various mailing lists and newsgroups
>>> dating back (at least) to the 1980s where security issues were discussed.
>>> One list, the RISKS digest, is maintained by Peter Neumann <
>>> https://en.wikipedia.org/wiki/Peter_G._Neumann>, who was mentioned
>>> earlier in this thread.
>>>
>>> When the Morris worm was released in November 1988, it sparked a lot of
>>> discussion on many lists, such as the RISKS digest. [1] [2] Eventually,
>> RFC
>>> 1135 was written about it. [3] IMO, that incident raised consciousness
>>> about security among IETF people, implementors of network protocols and
>>> services, etc.
>>>
>>> [1] https://en.wikipedia.org/wiki/Morris_worm
>>> [2] https://catless.ncl.ac.uk/risks/7/69
>>> [3] https://www.rfc-editor.org/rfc/rfc1135
>>>
>>> --gregbo
>>>
>>>
>>> --
>>> Internet-history mailing list
>>> Internet-history at elists.isoc.org
>>> https://elists.isoc.org/mailman/listinfo/internet-history
>>> -
>>> Unsubscribe:
>>>
>> https://app.smartsheet.com/b/form/9b6ef0621638436ab0a9b23cb0668b0b?The%20list%20to%20be%20unsubscribed%20from=Internet-history
>>>
>> --
>> Geoff.Goodfellow at iconia.com
>> living as The Truth is True
>> --
>> Internet-history mailing list
>> Internet-history at elists.isoc.org
>> https://elists.isoc.org/mailman/listinfo/internet-history
>> -
>> Unsubscribe:
>> https://app.smartsheet.com/b/form/9b6ef0621638436ab0a9b23cb0668b0b?The%20list%20to%20be%20unsubscribed%20from=Internet-history
>>
>> --
>> Internet-history mailing list
>> Internet-history at elists.isoc.org
>> https://elists.isoc.org/mailman/listinfo/internet-history
>> -
>> Unsubscribe:
>> https://app.smartsheet.com/b/form/9b6ef0621638436ab0a9b23cb0668b0b?The%20list%20to%20be%20unsubscribed%20from=Internet-history
>>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 665 bytes
Desc: OpenPGP digital signature
URL: <http://elists.isoc.org/pipermail/internet-history/attachments/20260514/144957db/attachment-0001.asc>