* Phillip Hallam-Baker: > But first, cite actual legal authority because I don't believe your > interpretation of the law is remotely correct.
§ 8 Abs. 3 TKÜV: | Wenn der Verpflichtete die ihm zur Übermittlung anvertraute | Telekommunikation netzseitig durch technische Maßnahmen gegen | unbefugte Kenntnisnahme schützt, hat er die von ihm für diese | Telekommunikation angewendeten Schutzvorkehrungen bei der an dem | Übergabepunkt bereitzustellenden Überwachungskopie aufzuheben. […] | If the obligated party [the organization to which these rules apply] | uses technical measures at the network layer to protect submitted | communications against unauthorized disclosure, it shall revert the | protections on these communications for the surveillance copy | provided at the handover interface. U.S. law is similar (47 U.S. Code § 1002 (b) (3), if that citation is correct): | A telecommunications carrier shall not be responsible for | decrypting, or ensuring the government’s ability to decrypt, any | communication encrypted by a subscriber or customer, unless the | encryption was provided by the carrier and the carrier possesses the | information necessary to decrypt the communication. If your ordinary resolver operator is a "carrier" is somewhat questionable, but resolver operators generally comply with requests for cleartext copies of traffic transitioning through their networks. I have no doubts that these operators will ask implementors to add the necessary features to keep these capabilities—or they will just turn on indiscriminate query logging. _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop