[113199] in cryptography@c2.net mail archive
Re: Death of antivirus software imminent
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Mon Jan 14 18:48:05 2008
Date: Mon, 14 Jan 2008 22:49:07 +0000
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: Alex Alten <alex@alten.org>
Cc: "Leichter, Jerry" <leichter_jerrold@emc.com>, dan@geer.org,
cryptography@metzdowd.com
In-Reply-To: <4.3.2.7.1.20080111170151.03e13890@mail.alten.org>
On Fri, 11 Jan 2008 17:32:04 -0800
Alex Alten <alex@alten.org> wrote:
>
> Generally any standard encrypted protocols will probably eventually
> have to support some sort of CALEA capability. For example, using a
> Verisign ICA certificate to do MITM of SSL, or possibly requiring
> Ebay to provide some sort of legal access to Skype private keys.
...
>
> >This train left the station a *long* time ago.
>
> So it's not so clear that the train has even left the station.
>
You've given a wish list but you haven't explained why you think it
will happen. The US government walked away from the issue years ago,
when the Clipper chip effort failed. Even post-9/11, the Bush
administration chose not to revisit the question.
The real issue, though, is technical rather than political will. CALEA
is a mandate for service providers; key escrow is a requirement on the
targets of the surveillance. The bad guys won't co-operate...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com