[140384] in North American Network Operators' Group
Re: 23,000 IP addresses
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Tue May 10 15:45:42 2011
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <8646C832-CDB8-4DA1-904B-6F49EA2ABDC5@delong.com>
Date: Tue, 10 May 2011 15:44:31 -0400
To: Owen DeLong <owen@delong.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On May 10, 2011, at 3:02 33PM, Owen DeLong wrote:
>=20
> On May 10, 2011, at 11:49 AM, Michael Holstein wrote:
>=20
>>=20
>>> In the EU you have Directive 2006/24/EC:
>>>=20
>>=20
>> But I'm not, and neither are most of the ISPs in the linked document.
>>=20
>> Regards,
>>=20
>> Michael Holstein
>> Information Security Administrator
>> Cleveland State University
>=20
> In the US, I believe that CALEA requires you to have those records for =
7 years.
>=20
Source, please -- I've never heard of this, nor can I find anything like =
it
at askcalea.com. All I've found is that you have to keep records of=20
*interceptions*. I've also seen numerous news stories about how the FBI
wants that to be added to the law, thus implying that it isn't there =
now.
See, for example, http://news.cnet.com/8301-13578_3-10448060-38.html
--Steve Bellovin, https://www.cs.columbia.edu/~smb
