So they’re hardly the only intelligence agencies in the world, so I don’t get why they’re specifically being pointed out unless you have some direct evidence.
As far as I’m aware, 0rtt started with Google’s QUIC. It’s since gone through a ton of academic and industry debate, particularly at the IETF level. It’s something optional to turn on, comes with notes on limitations and weaknesses, and major supporting vendors like Cloudflare have giant blog posts about how it can be used in only limited ways. How is this an intelligence crafted backdoor?
If you were going to point fingers (probably unfairly) at people whose agenda seems compatible with agencies that don't like BCP#188 (the IETF policy document "Pervasive Monitoring Is an Attack") then the best candidates would be those asking for the "transparency" features, some of which claimed at different times to represent data centre operators, financial institutions, and IoT manufacturers.
None of that made it into this draft, indeed the Monday meeting (this link is about the Wednesday meeting although practically speaking I think this was a done deal by Monday) of the TLS working group at IETF 101 basically killed all those plans, at least in so far as they impact TLS 1.3 itself. The IETF operates on "rough consensus" and there wasn't any way forward on "transparency" (aka snooping) that had consensus, so it was either publish this or stall forever.
As far as I’m aware, 0rtt started with Google’s QUIC. It’s since gone through a ton of academic and industry debate, particularly at the IETF level. It’s something optional to turn on, comes with notes on limitations and weaknesses, and major supporting vendors like Cloudflare have giant blog posts about how it can be used in only limited ways. How is this an intelligence crafted backdoor?