[113200] in cryptography@c2.net mail archive
Re: Death of antivirus software imminent
daemon@ATHENA.MIT.EDU (Sandy Harris)
Mon Jan 14 18:50:26 2008
Date: Tue, 15 Jan 2008 07:30:58 +0800
From: "Sandy Harris" <sandyinchina@gmail.com>
To: Cryptography <cryptography@metzdowd.com>
In-Reply-To: <4.3.2.7.1.20080111170151.03e13890@mail.alten.org>
On Jan 12, 2008 9:32 AM, Alex Alten <alex@alten.org> wrote:
> Generally any standard encrypted protocols will probably eventually have
> to support some sort of CALEA capability. ...
That's a rather large and distinctly dangerous assumption. Here's the
IETF's official line on the question, the "abstract" section of RFC 2084:
The Internet Engineering Task Force (IETF) has been asked to take a
position on the inclusion into IETF standards-track documents of
functionality designed to facilitate wiretapping.
This memo explains what the IETF thinks the question means, why its
answer is "no", and what that answer means.
http://www.faqs.org/rfcs/rfc2804.html
The whole question was extensively discussed on an IETF mailing
list set up for the purpose before that RFC was written:
http://www1.ietf.org/mail-archive/web/raven/current/index.html
The aptly named RFC 1984 is also relevant.
Among the more obvious problems are the fact that complexity
is bad for security, that the US government has some history
of abusing wiretaps, and that other governments who would
have access to any such technology are even less trustworthy.
--
Sandy Harris,
Nanjing, China
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com