Jerry Leichter wrote: > Well, here I'll expect one. :-) Not a new idea, although I don't know where I heard it the first time.
> As there is increasing pressure to keep > records of Internet use, there will be a counter-move to use VPN's which > promise to keep no records. Which will lead to legal orders that > records be kept, with no notification to those being tracked. Enter > secure remote attestation - rendering it impossible for an appropriately > defined non-logging implementation to start logging without giving this > fact away. Probably off-topic for this list, but this doesn't make much sense to me, as such non-logging implementations likely will be just as illegal as notifying the client of the change, which seems an overall better solution if you are willing to break the law (provided you can hide the notification from authorities). [In Germany, means of surveillance are required by law, as is record keeping]. Getting back on topic, cryptographically speaking, it's also quite possible to just monitor all ingoing and outcoming traffic and correlate one with the other. Preventing this is not easy, even if encryption is used. > Maybe it'll be the pirates who make the first large-scale use of those > TPM's! Maybe, and this would be a major confirmation that TPM actually works at any non-trivial scale. I can't see it, though. Thanks, Marcus --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com