Re: IP: IETF considers building wiretapping into the Internet

> > Is it a given that IETF standard protocols will contain backdoors? I
> > support the idea of bringing the issue before the IETF. Surely the vast
> > majority will oppose weakening the protocols.

Backdoors are not the only consideration. Phone systems have many interesting properties for government monitoring.

- All phones have a readily available (to a government) physical address.
- Mobile phones are associated with a physical billing address. Mail drops are not usually allowed.
- Audit trails of all calls can be made available. Who you call is often more interesting than what you say.

So in this context, what are the implications to IP addresses? I'm sure the FBI will want similar tracking of Internet addresses.

On a related note ... Does anyone on this list have a reference to the story about the soccer mom that was recently investigated by the police? She apparently used her Safeway shopping card to buy many baggies for the soccer team's sandwiches.

Paul
Re: IP: IETF considers building wiretapping into the Internet
On Thu, 14 Oct 1999, James Robertson wrote:

> As an Australian, I am more than a little concerned
> that an American law enforcement agency is trying
> to dictate the design of an international communication
> standard.

As an Australian, you should be used to technology taking a back seat to the needs of law enforcement. The release of ETSI ISDN was delayed for years in .au as the local telco monopoly (Telstra) was forced to make it wiretap friendly. I hear that similar things are happening with VOIP today.

> Does this mean they can wiretap Australian conversations
> as well?

"They" have been able to do this for years.

Regards,
Damien Miller

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
Re: IP: IETF considers building wiretapping into the Internet
On 10/14/99 at 9:49 AM, [EMAIL PROTECTED] (Steven M. Bellovin) wrote:

> In message <[EMAIL PROTECTED]>, Allen Ethridge writes:
> >
> > None of these things happened when CALEA was implemented in the traditional
> > circuit-switched voice network. CALEA advocates already have a success to
> > point to.
>
> CALEA is not yet implemented; among the reasons are that the requirements from
> the FBI mandate a complex, expensive design. In other words, it's not a
> success.

I probably shouldn't have entered this conversation. This is in part in response to James Robertson who wrote elsewhere:

> As an Australian, I am more than a little concerned
> that an American law enforcement agency is trying
> to dictate the design of an international communication
> standard.
>
> Does this mean they can wiretap Australian conversations
> as well?

I misspoke. CALEA has not yet been implemented. But building wiretapping capability into voice switching systems is old and successful. The U.S. government is not the first, even among democratic governments, to require this capability. In a form other than CALEA it's already out there.

Now it's time for me to exercise my significantly over-developed senses of melodrama and paranoia and leave this conversation.

Allen
Re: IP: IETF considers building wiretapping into the Internet
At 14:25 10/14/1999 -0700, Steve Reid wrote:

>I'm no lawyer, so I'm probably going out on a limb here, but I don't
>think CALEA can apply to encryption.

Steve, no need to go out on a limb. CALEA most definitely does not apply to domestic use of encryption. (Though it is fair to say that the same principles apply. CALEA is essentially a government requirement that voice technologies be easily snoopable by the feds. Watch Louis Freeh demand a similar thing of data.)

Here's a note that should clarify things from the ACLU.

-Declan

Date: Thu, 14 Oct 1999 12:29:44 -0400
To: [EMAIL PROTECTED]
From: Barry Steinhardt <[EMAIL PROTECTED]>
Subject: Re: FC: John Gilmore: CALEA wiretap law DOES NOT cover the Net

Declan,

John Gilmore is quite right that CALEA was not intended to and does not cover what it calls "information services", the most prominent of which is "electronic messaging" -- email, instant messaging etc. There is no reason for the IETF to build surveillance capabilities into the architecture of the Net. CALEA doesn't require that and there is strong resistance in the Congress to any expansion of the law along those lines.

There is, however, one subtle but important issue involving IP that is still being fought out. The FBI wants the full content of customer communications from traditional telecommunications carriers who use packet switching technology, even when the government is only authorized to intercept addressing or signaling data through a pen register or trap and trace device order. In other words, they want access to packets containing both call-identifying and call content information, when only the former was authorized. The standards for getting a pen register order are much less stringent than even the weak standards for an order allowing tapping of content.

The FBI contends that the government would sift through the data and pay attention to only what it has authority to intercept. Not only does this violate the "minimization" requirement of the Fourth Amendment and the basic wiretapping law Title III, but it explicitly violates Section 103(a)(4) of CALEA, which requires the carriers to protect communications not authorized to be intercepted. It is based on an unrealistic and naive assumption that law enforcement would impose severe self-restraint in processing the information.

The FCC split the baby, although not exactly in half. They recognized the problem, but still required that packet-mode communications be delivered to law enforcement under the new CALEA standard no later than September 30, 2001. That date is 15 months after the June 30, 2000 compliance deadline for most other aspects of the standard. They required the telephone industry association (The TIA) to make a report to it by September 30, 2000 detailing how they intended to address the inherent problem of packets which contain both content and identifying information.

Naturally, this will be an important issue in the appeal of the FCC order, by the ACLU and a number of the other parties. The problem will grow in importance as packet switching becomes more and more common among "traditional telecommunications" providers.

Barry Steinhardt
ACLU

--
Barry Steinhardt
Associate Director
American Civil Liberties Union
125 Broad St.
New York, NY 10004
212 549-2508 (v)
212 549-2656 (f)
[EMAIL PROTECTED]
Re: IP: IETF considers building wiretapping into the Internet
In message <[EMAIL PROTECTED]>, Steve Reid writes:

> On Wed, Oct 13, 1999 at 03:08:49PM -0400, Steven M. Bellovin wrote:
> > But it's also clear that folks who manufacture this gear for sale in
> > the U.S. market are going to have to support CALEA, which in turn
> > means that someone is going to have to standardize the interface --
> > the FBI regulations at the least strongly urge that
> > industry-standard protocols be used for such things.
>
> I'm no lawyer, so I'm probably going out on a limb here, but I don't
> think CALEA can apply to encryption.
>
> If you use a 3DES-encrypted phone over a CALEA-compliant carrier it
> doesn't invalidate the carrier's CALEA compliance. The LEAs still have
> access to the communications, just not to the plaintext. So in practice
> CALEA does not guarantee access to plaintext.

Yes and no. Yes, you're quite correct that CALEA doesn't bar 3DES. *However* -- where the key comes from matters a lot. If the carrier participates in the key exchange -- say, by acting as the KDC -- then it has to make available either that key or the plaintext of the call. If, on the other hand, the end systems do the key management themselves, say via PGPphone, Starium, or STU-III -- then the telephone company is off the hook.

In other words -- CALEA obligates carriers to provide their piece of the conversation; end-user stuff isn't covered.

And no, I'm not a lawyer, either, but I have to worry about some of this stuff for my day job.

--Steve Bellovin
Re: IP: IETF considers building wiretapping into the Internet
On Wed, Oct 13, 1999 at 03:08:49PM -0400, Steven M. Bellovin wrote:

> But it's also clear that folks who manufacture this gear for sale in
> the U.S. market are going to have to support CALEA, which in turn
> means that someone is going to have to standardize the interface --
> the FBI regulations at the least strongly urge that
> industry-standard protocols be used for such things.

I'm no lawyer, so I'm probably going out on a limb here, but I don't think CALEA can apply to encryption.

If you use a 3DES-encrypted phone over a CALEA-compliant carrier it doesn't invalidate the carrier's CALEA compliance. The LEAs still have access to the communications, just not to the plaintext. So in practice CALEA does not guarantee access to plaintext.

If CALEA _does_ specify access to plaintext, then what we have are domestic restrictions on encryption, with all of the constitutional issues that go with it. To date the export restrictions have been the only legal means of slowing the spread of strong crypto. CALEA is something entirely different.

But I'm still not a lawyer.
Re: IP: IETF considers building wiretapping into the Internet
James Robertson writes:

Boy, things are really heating up on [EMAIL PROTECTED] If you're not there, you're missing something.

> As an Australian, I am more than a little concerned
> that an American law enforcement agency is trying
> to dictate the design of an international communication
> standard.

Well, aren't there Oz engineers in the IETF? If there aren't, that's their fault, isn't it?

> Does this mean they can wiretap Australian conversations
> as well?

You never heard of Echelon & consorts? Of course they can. The current debate is whether to make it even easier for them.

Personally I don't think in the long run there is any way around implementing the equivalent for mail mixers for other IP services.
Re: IP: IETF considers building wiretapping into the Internet
In message <[EMAIL PROTECTED]>, Allen Ethridge writes:

> On 10/13/99 at 7:49 PM, [EMAIL PROTECTED] (Peter Gutmann) wrote:
>
> > Why not refrain in the *expectation* that it'll be done incompetently?
> > ...
> >
> > If they want to play big brother, why not give them more than enough rope,
> > point at a conveniently-placed tree limb if necessary, and then stand back?

My concern is my privacy -- a poorly-designed system is likely to let lots of folks in, not just law enforcement officers operating under a legitimate warrant.

> None of these things happened when CALEA was implemented in the traditional
> circuit-switched voice network. CALEA advocates already have a success to
> point to.

CALEA is not yet implemented; among the reasons are that the requirements from the FBI mandate a complex, expensive design. In other words, it's not a success.

--Steve Bellovin
Re: IP: IETF considers building wiretapping into the Internet
So was the Raven list created on 11-Oct-1999 as seems to be the case given that the..

  http://www.ietf.org/mail-archive/working-groups/raven/current/

..archive apparently begins there? (keep clicking on [next page] till it doesn't work any more)

Does it map to any particular working group or just to this LEA compliance policy question (and such questions in general?)?

thanks,

JeffH
Re: IP: IETF considers building wiretapping into the Internet
At 04:05 14/10/1999 , Declan McCullagh wrote:

> Net Wiretapping: Yes or No?
> by Declan McCullagh ([EMAIL PROTECTED])
>
> 10:30 a.m. 13.Oct.99.PDT
> The FBI says the Internet's standards
> body should craft technology to facilitate
> lawful government surveillance.
>
> A spokesman said Wednesday that the
> bureau supported the Internet
> Engineering Task Force's recent decision
> to debate whether the ability to wiretap
> should be part of future Internet
> standards.
>
> "We think it's a wise and prudent move,"
> said Barry Smith, supervisory special
> agent in the FBI's Digital Telephony and
> Encryption policy unit.
>
> "If court-authorized wiretaps are
> frustrated, effective law enforcement is
> jeopardized, public safety is jeopardized,
> and policymakers are going to have to
> figure out how to rectify the problem."

As an Australian, I am more than a little concerned that an American law enforcement agency is trying to dictate the design of an international communication standard.

Does this mean they can wiretap Australian conversations as well?

J

-
James Robertson
Step Two Designs Pty Ltd
SGML, XML & HTML Consultancy
http://www.steptwo.com.au/
[EMAIL PROTECTED]
"Beyond the Idea"
ACN 081 019 623
Re: IP: IETF considers building wiretapping into the Internet
On 10/13/99 at 7:49 PM, [EMAIL PROTECTED] (Peter Gutmann) wrote:

> Why not refrain in the *expectation* that it'll be done incompetently? If
> previous efforts along these lines (Clipper, TACDFIPSFKMI) are anything to go
> by then:
>
> - The design and planning process alone will cost enough that it'll be a
>   severe problem.
> - It'll take years to complete.
> - It'll be unworkable when it's done.
> - Throughout the entire process, it'll be a magnet for criticism from
>   privacy advocates, the IT industry, telco's, left-wingers, right_wingers,
>   ...
>
> If they want to play big brother, why not give them more than enough rope,
> point at a conveniently-placed tree limb if necessary, and then stand back?

None of these things happened when CALEA was implemented in the traditional circuit-switched voice network. CALEA advocates already have a success to point to.

Allen
Re: IP: IETF considers building wiretapping into the Internet
Steven M. Bellovin writes:

> So -- how should the back door be installed? In the protocol? In the telco
> endpoint? Is it ethical for security people to work on something that lowers
> the security of the system? Given that it's going to be done anyway, is it
> ethical to refrain, lest it be done incompetently?

If something evil is done poorly, is that more or less evil? Answer not obvious to me.

In any case, a properly implemented end-to-end encrypted voice stream traveling over a data path with the CALEA bit set just allows the FBI easy access to strong crypto.

--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok                 | Government schools are so
521 Pleasant Valley Rd.                | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213                 | +1 315 268 9201 FAX   | can outdo them. Homeschool!
Re: IP: IETF considers building wiretapping into the Internet
In message <[EMAIL PROTECTED]>, "P. J. Ponder" writes:

> Is it a given that IETF standard protocols will contain backdoors? I
> support the idea of bringing the issue before the IETF. Surely the vast
> majority will oppose weakening the protocols.

No, it is by no means a settled question. The IESG posted a note soliciting comments on a new mailing list; it will also be discussed during the regular plenary session. Here's the exact text of the announcement:

The use of the Internet for services that replace or supplement traditional telephony is, predictably, causing discussions in many countries about the point at which special rules about telephony services begin to apply to Internet service providers. In many countries, these rules could impose new legal obligations on ISPs, particularly requirements to comply with requests from law enforcement agencies or regulators to intercept, or gather and report other information about, communications. For example many traditional telephony devices, especially central-office switches, sold in those countries are required to have built-in wiretapping capabilities to allow telephone carriers to fulfill these obligations.

A number of IETF working groups are currently working on protocols to support telephony over IP networks. The wiretap question has come up in one of these working groups, but the IESG has concluded that the general questions should be discussed, and conclusions reached, by the entire IETF, not just one WG. The key questions are:

"should the IETF develop new protocols or modify existing protocols to support mechanisms whose primary purpose is to support wiretapping or other law enforcement activities" and

"what should the IETF's position be on informational documents that explain how to perform message or data-stream interception without protocol modifications".

We would like to encourage discussion of these questions on the new [EMAIL PROTECTED] mailing list. Subscription requests should be mailed to [EMAIL PROTECTED] OR subscribe via the web at http://www.ietf.org/mailman/listinfo/raven

Time will be allocated at the Plenary session at the November IETF to discuss this orally and try to draw a consensus together. (PLEASE DISCUSS THIS ON THE NEW MAILING LIST AND NOT ON THE GENERAL IETF LIST)

In addition to the general questions identified above, we believe it would be helpful for mailing list comments to address the following more specific questions:

Adding wiretap capability is by definition adding a security hole. Considering the IETF's commitment to secure protocols, is it a reasonable thing to open such a hole to meet these requirements?

Should the IETF as an international standards organization shape its protocols to support country-specific legal requirements?

If the companies who employ the IETF participants and deploy the IETF's technology feel that having wiretap capability is a business necessity due to the regulatory requirements in the countries where they want to sell their products, would that make a difference to the IETF position on this subject?

What is the appropriateness or feasibility of standardizing mechanisms to conform to requirements that may change several times over the life cycle of equipment built to conform to those standards?

When IPv6 was under development, the IETF decided to mandate an encryption capability for all devices that claim to adhere to those standards. This was done in spite of the fact that, at the time the decision was made, devices meeting the IPv6 standard could not then be exported from the U.S. nor could they be used in some countries. Is that a precedent for what to do in this case?

Could the IETF just avoid specifying the part of the technology that supports wiretapping, presumably assuming that some industry consortium or other standards organization would do so? Would letting that responsibility fall to others weaken the IETF's control over its own standards and traditional areas?

If these functions must be done, is it better for the IETF to do them so that we can ensure they are done in the most secure way and, where permitted by the regulations, to ensure a reliable audit capability?

What would the image of the IETF be if we were to refuse to standardize any technology that supported wiretapping? In the Internet community? In the business community? To the national regulatory authorities?

The goal of the mailing list and then plenary session is to address the broad policy and direction issue and not specific technical issues such as where exactly in an architecture it would be best to implement wiretapping if one needed to do so. Nor are they to address what specific functions might be needed to implement wiretapping under which countries' laws. The intent is basically to discuss the question of what stance the IETF should take on the general issue.
Re: IP: IETF considers building wiretapping into the Internet

"Steven M. Bellovin" <[EMAIL PROTECTED]> writes:

>So -- how should the back door be installed? In the protocol? In the telco
>endpoint? Is it ethical for security people to work on something that lowers
>the security of the system? Given that it's going to be done anyway, is it
>ethical to refrain, lest it be done incompetently?

Why not refrain in the *expectation* that it'll be done incompetently? If previous efforts along these lines (Clipper, TACDFIPSFKMI) are anything to go by then:

- The design and planning process alone will cost enough that it'll be a severe problem.
- It'll take years to complete.
- It'll be unworkable when it's done.
- Throughout the entire process, it'll be a magnet for criticism from privacy advocates, the IT industry, telco's, left-wingers, right_wingers, ...

If they want to play big brother, why not give them more than enough rope, point at a conveniently-placed tree limb if necessary, and then stand back?

(Since this is a mostly political debate, it's probably better to continue it on the Raven list, http://www.ietf.org/mailman/listinfo/raven).

Peter.
Re: IP: IETF considers building wiretapping into the Internet
On Wed, 13 Oct 1999, Steven M. Bellovin wrote:

>< . . . . >
> So -- how should the back door be installed? In the protocol? In the
> telco endpoint? Is it ethical for security people to work on
> something that lowers the security of the system? Given that it's
> going to be done anyway, is it ethical to refrain, lest it be done
> incompetently?
>
>--
>Steve Bellovin

Is it a given that IETF standard protocols will contain backdoors? I support the idea of bringing the issue before the IETF. Surely the vast majority will oppose weakening the protocols.

The IAB security position paper (RFC 2316) seemed to come down on the side of strengthening security in the Internet. It may be a given that certain types of _US_ communications equipment will permit easy wire-tapping, in order to meet US federal requirements, but that is not the same thing as jeopardizing the strength of international communications standards.

The IETF needs to stand up and do what's right on this. Write the area directors, the IAB, and the ISOC members and tell them what you think. Attend a meeting and raise hell. Too bad the next meeting is in the FBI's backyard.

We must look like arrogant fools to the rest of the world for thinking that the FBI is going to set global wiretapping standards.

I vote to make security protocols as strong as we can make them, given the technology and the hassles over intellectual property, and bearing in mind that there will always be trade-offs between security and speed, security and ease-of-use, etc. These are engineering issues.
Re: IP: IETF considers building wiretapping into the Internet
Another point to consider is that if the CALEA standards are arrived at in an open and public manner, it could be made easy to tell whether or not a given device is implementing them, and one could then use the CALEA status of a device as part of the purchasing decision. If the CALEA protocol is closed, it may be more difficult to tell whether or not a device implements it.

Also, since CALEA is U.S., and IETF is international, presumably any standard the IETF comes up with would have to have the CALEA portion as an option, not a requirement, and would have to specify how devices that do not implement CALEA would operate.

Remember how loudly we howled about the secret nature of the guts of the Clipper chip? We are now being hoisted by our own petard... :'/

_MelloN_
Re: IP: IETF considers building wiretapping into the Internet
In message <[EMAIL PROTECTED]>, Declan McCullagh writes:

> This followup might be relevant too. Has the FBI ever publicly weighed in
> on an IETF debate before? Are there any implications here in other areas,
> such as taxes, content, or encryption?

There are clearly many aspects to this question. The particular IETF discussion was triggered by a move in a working group that was concerned with connectivity to the PSTN; they wanted to add CALEA support to their protocol. Should that be done in the IETF?

It's clear that such capabilities lower the security of the system. (A fascinating Wall Street Journal story (Oct 1, front page) describes how a "data tap" was used to monitor some hackers. Among other things, assorted hackers found databases of phone numbers being monitored by the FBI. What will these folks do when they can get to CALEA ports?)

But it's also clear that folks who manufacture this gear for sale in the U.S. market are going to have to support CALEA, which in turn means that someone is going to have to standardize the interface -- the FBI regulations at the least strongly urge that industry-standard protocols be used for such things. (And yes, it's quite clear that many uses of this particular working group's protocol would be within the scope of the law.)

So -- how should the back door be installed? In the protocol? In the telco endpoint? Is it ethical for security people to work on something that lowers the security of the system? Given that it's going to be done anyway, is it ethical to refrain, lest it be done incompetently?

--Steve Bellovin
Re: IP: IETF considers building wiretapping into the Internet
At 00:03 10/13/1999 -0400, Perry E. Metzger wrote:

>I thought this forward from "Interesting People" would be of interest

Perry,

This followup might be relevant too. Has the FBI ever publicly weighed in on an IETF debate before? Are there any implications here in other areas, such as taxes, content, or encryption?

-Declan

http://www.wired.com/news/politics/0,1283,31895,00.html

Net Wiretapping: Yes or No?
by Declan McCullagh ([EMAIL PROTECTED])

10:30 a.m. 13.Oct.99.PDT

The FBI says the Internet's standards body should craft technology to facilitate lawful government surveillance.

A spokesman said Wednesday that the bureau supported the Internet Engineering Task Force's recent decision to debate whether the ability to wiretap should be part of future Internet standards.

"We think it's a wise and prudent move," said Barry Smith, supervisory special agent in the FBI's Digital Telephony and Encryption policy unit.

"If court-authorized wiretaps are frustrated, effective law enforcement is jeopardized, public safety is jeopardized, and policymakers are going to have to figure out how to rectify the problem."

[...]
Re: IP: IETF considers building wiretapping into the Internet
The FCC issued yesterday its detailed definitions of what types of services are and are not subject to CALEA requirements:

  http://cryptome.org/fcc101299.txt

This was issued in an attempt to answer questions from respondents about what is a "telecommunications carrier."

Excerpts:

"5. CALEA also makes clear that its requirements do not apply to certain entities and services. Subsection 102(8)(C) of the definition specifically excludes information services, and the legislative history makes clear that CALEA does not apply to private network services:

[T]elecommunications services that support the transport or switching of communications for private networks or for the sole purpose of interconnecting telecommunications carriers * * * need not meet any wiretap standards. PBXs are excluded. So are automated teller machine (ATM) networks and other closed networks. Also excluded from coverage are all information services, such as Internet service providers or services such as Prodigy and America-On-Line.

All of these private network systems or information services can be wiretapped pursuant to court order, and their owners must cooperate when presented with a wiretap order, but these services and systems do not have to be designed so as to comply with the capability requirements.

It is unnecessary to adopt the FBI's recommendation not to use the adverb ``indiscriminately'' in clarifying the definition of telecommunications carrier. The FBI is concerned that the inclusion of this term may allow companies that hold themselves out to serve only particular groups to undermine CALEA, intentionally or inadvertently, by creating a loophole that would permit criminals to use telecommunications providers that do not indiscriminately offer their services to the public."

[End excerpts]