From: hal@finney.org
Date: Mon Oct 18 1999 - 15:21:25 MDT
Robert J. Bradbury, <bradbury@www.aeiveos.com>, writes:
> Subject: Re: Internet protocol proposal raises privacy concerns
>
> I noticed this, but find I can't get excited over it. Maybe I
> don't understand encryption, but it seems the logical thing
> would be to encrypt all of the server-client communications?
Yes, encrypted communications would defeat the desired extensions for
eavesdropping.
The real issue here is that the lines between telephone communications
and internet protocols are blurring. Law enforcement in most countries
has used wiretaps for years, and now technology threatens to make that
obsolete. To address this, the US passed a bill called the Communications
Assistance for Law Enforcement Act (CALEA), which requires new forms of
telephony to be designed to be "wiretap ready". Now a question arises
as to whether Internet telephony (voice over IP) is covered by the law
(or by similar requirements in other countries), and if so, whether
the IETF (the Internet standards body) should therefore build wiretap
capabilities into Internet protocols.
Encryption doesn't moot the debate. First, not everyone uses it,
and won't for a while. But more importantly, if the precedent is
set that wiretap capability must be built into Internet protocols,
it would increase the political leverage for law enforcement when they
demand an end to unbreakable encryption. What was the point, they could
argue, of all the work that was done to build in wiretap capability, if
encryption prevents the wiretaps from being useful? Given the precedent
of requiring wiretap capability on the Internet it would be argued that
encryption must not be allowed unless the government can decrypt messages.
That is how I would expect it to play out.
However it appears that the standards body is dominated by old guard
Internet types, libertarian anarchists who want no part in building
Big Brother into the net. To the extent this is framed as a political
and philosophical issue, they will win the battle. This leaves the
corporate types with a problem; they are the ones who have to comply
with their local laws by selling equipment which is wiretap ready.
Presumably they will have to go outside the IETF to organize any common
protocols or data structures which are necessary.
> Now, of course the group in Israel has cracked the encryption
> codes, so if law enforcement/government had widespread access
> to the technology then could be a problem.
If you are referring to the recent announcment of a quantum computer
that can supposedly break keys in milliseconds, this is widely considered
to be bogus, a confusion of several distinct results into a meaningless
mishmash.
Hal
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:05:32 MST