
Re: Call for a Jasmine Revolution in the IETF: Privacy, Integrity,

2011-03-10 13:23:28
Ed Juskevicius wrote:

If my memory serves me correctly, I believe the logic was along the lines
of "Law enforcement agencies require some capabilities that are akin to
backdoors.  Given this, it would be better if we (who know what we are
doing) designed these capabilities, rather than leave it to others to do so."

Correct, these agencies are going to define and require capabilities
independent of what the IETF is doing.  So what.

We do not want that in our protocols, because we do not want any other
party besides those that are officially participating in the communication
to be able to get at the contents of the communication -- without at least
one of the participating parties being aware of a wiretap.

Within our protocols, it is impossible to prevent that a rightful
participant shares his communication data with a law enforcement
agency.  Hopefully there is a warrant for permitting this or a very
severe imminent threat.  But the only point of weaknesses in protocols
themselves is to be able to wiretap without asking any of the participants
for their consent and without getting it lawfully authorized (e.g. warrant).

Bottom line - lawful intercept can be done at the endpoints independent
of the protocol.  Protocol weaknesses or backdoors first of all are 
weaknesses with an extremely large abusive potential for both good
_and_ bad, and even the allegedly good are well known to regularly
abuse their powers (and if you are not aware that they're (ab)using
their powers, then there is no way to stop them from abusing their
power or to hold them responsible).


"Open your protocols to wiretapping"

is not very much different to folks when they enter a country that they
MUST refrain from talking to others in foreign languages, because it
might impair agents from some government organization (whose potential
presence is not revealed to you) from following any conversations you
might be participating in.


-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
