[143043] in cryptography@c2.net mail archive
Re: Obama's secure PDA
daemon@ATHENA.MIT.EDU (Jerry Leichter)
Mon Jan 26 16:47:15 2009
Cc: Cryptography <cryptography@metzdowd.com>
From: Jerry Leichter <leichter@lrw.com>
To: Ivan Krstić <krstic@solarsail.hcs.harvard.edu>
In-Reply-To: <3CA8BF10-C7A2-415D-BFAA-09418B04101B@solarsail.hcs.harvard.edu>
Date: Mon, 26 Jan 2009 16:18:39 -0500
On Jan 26, 2009, at 2:49 AM, Ivan Krstić wrote:
> [A]ny idea why the Sectéra is certified up to Top Secret for voice
> but only up to Secret for e-mail? (That is, what are the differing
> requirements?)
I have no information, but a guess: Phone conversation encryption, at
all levels, has been around for many years. Email is a relative
newcomer. Further, the problem for voice is inherently simpler: A
conversation is transient. It's not expected to be recorded, and I'm
sure the devices are designed to make recording a conversation
difficult even for someone with full access to the phone. So you're
dealing with establishing a secure session, with nothing left after
the fact. If you're talking email, on the other hand, you're
inherently dealing with information at rest. That changes the whole
game, introducing issues of key management, maintenance of security
level over time - a conversation once completed is gone, so the question
of how to declassify it or move it to another compartment or whatever
cannot arise - how to deal with forwarding, and so on. All of this is
inherent in a usable email system. An email system for the White
House has the additional complication of the Presidential Records
Act: Phone conversations don't have to be recorded, but mail messages
do (and have to remain accessible).
It makes one wonder if this is a Sectéra limitation, a Sectéra-for-
the-President limitation, or whether there is no Top Secret email
infrastructure at all....
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com