On Fri, 11 Jan 2008 17:32:04 -0800
Alex Alten <[EMAIL PROTECTED]> wrote:
>
> Generally any standard encrypted protocols will probably eventually
> have to support some sort of CALEA capability. For example, using a
> Verisign ICA certificate to do MITM of SSL, or possibly requiring
> Ebay to provide some sort of legal access to Skype private keys.
...
>
> >This train left the station a *long* time ago.
>
> So it's not so clear that the train has even left the station.
>
You've given a wish list but you haven't explained why you think it
will happen. The US government walked away from the issue years ago,
when the Clipper chip effort failed. Even post-9/11, the Bush
administration chose not to revisit the question.
The real issue, though, is technical rather than political will. CALEA
is a mandate for service providers; key escrow is a requirement on the
targets of the surveillance. The bad guys won't co-operate...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
