Re: [perpass] comments and questions for the group on draft-farrell-perpass-attack-02

2013-12-11 14:08:49
On 12/11/13 5:07 AM, "Stephen Farrell" 
<stephen(_dot_)farrell(_at_)cs(_dot_)tcd(_dot_)ie> wrote:

> Can you give examples of what is "not required" to operate
> the network? Couldn't CALEA be so considered? And if so,
> wouldn't that make this BCP conflict badly with 2804?

By "operate" I was literally thinking about the technical functioning of
the network -- whether the network can be made to work. For example, if a
network operator feels that in order to follow this BCP it must stop all
DDoS mitigation, and as a result the network is constantly flooded with
attack traffic that renders the network essentially unusable for
legitimate users, the network would have been made inoperable. It wouldn't
be able to do what it was meant to do, which is provide connectivity. I
realize that this is using the word "operate" more like the dictionary
definition and less like we usually use the term "operations" in the IETF
(per Scott's email), but I think it works.

I don't see any reasonable argument that a network would have to support
CALEA compliance in order for it to be functional/operational -- surely
networks can be built (and already exist, in people's homes, outside the
US, etc.) that both provide connectivity and are not CALEA-compliant.

Alissa


S


OLD:
Making networks unmanageable in order to mitigate
   pervasive monitoring would not be an acceptable outcome.


NEW:
Making networks inoperable in order to mitigate
   pervasive monitoring would not be an acceptable outcome.


(Realizing that now is not the time to wordsmith, but just offering
examples that might address the concerns raised earlier in the thread by
Eliot and others.)

Alissa