[96425] in North American Network Operators' Group
Re: ISP CALEA compliance
daemon@ATHENA.MIT.EDU (Jason Frisvold)
Thu May 10 14:03:55 2007
Date: Thu, 10 May 2007 14:03:02 -0400
From: "Jason Frisvold" <xenophage0@gmail.com>
To: "Jared Mauch" <jared@puck.nether.net>
Cc: "Nikos Mouat" <nikm@cyberflunk.com>, nanog@merit.edu
In-Reply-To: <20070510164400.GA96331@puck.nether.net>
Errors-To: owner-nanog@merit.edu
On 5/10/07, Jared Mauch <jared@puck.nether.net> wrote:
> If you're not offering VoIP services, your life may be easier as
> you will only need to intercept the data. Depending on your environment
> you could do this with something like port-mirroring, or something
> more advanced. There are a number of folks that offer TTP (Trusted
> third-provider) services. Verisign comes to mind. But using a TTP
> doesn't mean you can hide behind them. Compliance is ultimately your
> (the company that gets the subponea) responsibility.
Here's a question that's come up around here. Does a CALEA intercept
include "hairpining" or is it *only* traffic leaving your network?
I'm of the opinion that a CALEA intercept request includes every bit
of traffic being sent or received by the targeted individual, but
there is strong opposition here that thinks only internet-related
traffic counts.
> - Jared (IANAL!)
--
Jason 'XenoPhage' Frisvold
XenoPhage0@gmail.com
http://blog.godshell.com
