Alex Alten wrote: > Generally any standard encrypted protocols will > probably eventually have to support some sort of CALEA > capability. For example, using a Verisign ICA > certificate to do MITM of SSL, or possibly requiring > Ebay to provide some sort of legal access to Skype > private keys.
And all the criminals will of course obey the law. Why not just require them to set an evil flag on all their packets? > If there is a 2nd layer of encryption then this would > require initial key exchanges that may be vulnerable > to interception or after-the-fact analysis of the > decrypted SSL payloads. I guarantee I can make any payload look like any other payload. If the only permitted communications are prayers to Allah, I can encode key exchange in prayers to Allah. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
