[113481] in cryptography@c2.net mail archive
Re: Death of antivirus software imminent
daemon@ATHENA.MIT.EDU (James A. Donald)
Fri Jan 18 10:51:45 2008
Date: Fri, 18 Jan 2008 19:35:57 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: Alex Alten <alex@alten.org>
CC: "Leichter, Jerry" <leichter_jerrold@emc.com>,
"Steven M. Bellovin" <smb@cs.columbia.edu>,
dan@geer.org, cryptography@metzdowd.com
In-Reply-To: <4.3.2.7.1.20080111170151.03e13890@mail.alten.org>
Alex Alten wrote:
> Generally any standard encrypted protocols will
> probably eventually have to support some sort of CALEA
> capability. For example, using a Verisign ICA
> certificate to do MITM of SSL, or possibly requiring
> Ebay to provide some sort of legal access to Skype
> private keys.
And all the criminals will of course obey the law.
Why not just require them to set an evil flag on all
their packets?
> If there is a 2nd layer of encryption then this would
> require initial key exchanges that may be vulnerable
> to interception or after-the-fact analysis of the
> decrypted SSL payloads.
I guarantee I can make any payload look like any other
payload. If the only permitted communications are
prayers to Allah, I can encode key exchange in prayers
to Allah.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com