ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: Recognising RFC1984 as a BCP

2015-08-20 10:44:21
from [Stephen Farrell] [Permanent Link] 


On 20/08/15 16:30, John Curran wrote:

On Aug 20, 2015, at 10:47 AM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:



It’s quite possible that the appropriate tradeoff for society
continues to be that as documented in RFC1984, but it should be
recognized as an actual tradeoff and not an an approach without any
impact to lawful enforcement activities (as might be implied from your
comments above.)


sorry, i can't resist

We should not be building surveillance technology into standards.  Law
enforcement was not supposed to be easy.  Where it is easy, it's called a
police state.  -- Jeff Schiller


Randy - 
 
  Actually, that is a perfect example of my point - Jeff’s quote (with 
respect
  to not including surveillance technology) actually acknowledges that there 
  is an impact as a result that choice; i.e. ‘LE not supposed to be easy.’

  That’s quite different than some of the assertions on this list implying 
that 
  RFC1984 has no impact to LEA activities…  If the IETF is going to make
  a statement, it should be an intellectually honest one and acknowledge
  that there could be an LEA impact, but even so, that outcome is still the 
  desirable tradeoff in the circumstances.  


RFC1984 is about export and mandatory key escrow. That is related
to but not the same as so-called lawful intercept. RFC2804 does
deal with the latter explicitly. So I don't think that we need to
modify 1984 to talk about what is covered by 2804.

Some folks did make the point earlier that we ought "promote" both
1984 and 2804 to become one new BCP, which could be done. I only
so far saw two folks in favour of that, I assume on the basis that
both RFCs are today in a similar state and the topics, while different,
are related. The argument so far raised against was that there was
at the time (and still seems to be now) much better support for
what 1984 says (which is different to it being a BCP or not) than
was the case for 2804 was that was written.

For me, I think they're different enough that they'd be better
handled separately but if there are more arguments those would be
good to hear.

S.




/John

Disclaimer: my views alone.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Last Call: Recognising RFC1984 as a BCP, John Curran
Next by Date:  Re: Last Call: Recognising RFC1984 as a BCP, Spencer Dawkins at IETF
Previous by Thread:  Re: Last Call: Recognising RFC1984 as a BCP, John Curran
Next by Thread:  Re: Last Call: Recognising RFC1984 as a BCP, Spencer Dawkins at IETF
Indexes:  [Date] [Thread] [Top] [All Lists]