RE: [NEWS] FBI To Require ISPs To Reconfigure E-mail Systems (fwd)
I could have sworn I was subscribed to nanog-post :)

Paul

---------- Forwarded message ----------
Date: Thu, 18 Oct 2001 12:49:32 +0200 (MET DST)
From: Paul Wouters <paul@xtdnet.nl>
To: batz <batsy@vapour.net>
Cc: Mike Batchelor <mikebat@tmcs.net>, nanog list <nanog@merit.edu>
Subject: RE: [NEWS] FBI To Require ISPs To Reconfigure E-mail Systems (fwd)

On Thu, 18 Oct 2001, batz wrote:
:What would wiretap laws be like if individuals had been able all along to :operate their own telco switch, if they so desired?
Funny you should mention that, as I think we are about to find out.
The NL has already answered this question last January. When asked who needs to be tappable, the answer is "everyone who is offering a public internet service". Dutch law defines telecommunication as the "transport of an electronic signal from one physical device to another" and has defined an IP number as a physical device.

Tapped data needs to be sent through a special protocol, the Transport of Intercepted IP Traffic (TIIT). Only registered telcos can legally obtain the specification, which apart from a Dutch standard is an ETSI draft. More information on www.opentap.org (it was on cryptome a while ago) (Or hopefully soon my HAL2001 talk will be online at www.hal2001.org)

But it is clear to see where this will all end. Windows users on cable or ADSL, running SSL/SASL mailservers on their own desktop, without MX fallbacks, and without ISP smarthosts.

As a result of Sep 11, crypto law proposals haven't really changed much in the NL (move to controllable 'trusted third parties') but it has put the issue on the table, out in the open, instead of being sneaked in through some forgotten political door. Polls held by newspapers in the last week showed a majority was in favour of stronger laws for crypto and mandatory carrying of ID at all times. I'll just pray that our democracy will never reach a state where every decision will be made through internet based referendums.

Paul

ps. Yes, if following the letter of the law, SSH is illegal for ISPs. However, no one has dared yet to submit a key escrow patch to the OpenSSH team :)

--
We can't have these hidden economies and foul politics in this age anymore. It is just *too* dangerous
--- Howard Davies' (FSA) financial views extrapolated
On Wed, 24 Oct 2001, Paul Wouters wrote:
The NL has already answered this question last January. When asked who needs to be tappable, the answer is "everyone who is offering a public internet service".
And they have a strange notion of the word "public" too. I got the distinct impression (but nobody wanted to go on record for anything) they feel the Web server that's under my desk at home provides a "public" service too. So I should be prepared to aid the Dutch government in intercepting my own traffic. Which to me would seem to defeat the purpose, but what do I know?
Tapped data needs to be sent through a special protocol, the Transport of Intercepted IP Traffic (TIIT).
TIIT only specifies the transport protocol, though. There are no restrictions on network topology. As long as you can intercept the traffic (not just email--everything) in your network and deliver it, it's ok.

It seems the FBI wants the traffic to flow over a number of centralized locations for easy interception. (I would rather intercept a dozen Gigabit Ethernet connections in different places than a single OC-192 POSIP, but again: what do I know?) See:

http://www.interactiveweek.com/article/0,3658,s%3D605%26a%253D16678,00.asp

This worries me a great deal. If we as an industry learned anything from September 11th, it is (or should be) that centralized facilities are vulnerable.

Iljitsch van Beijnum
Iljitsch van Beijnum wrote:
On Wed, 24 Oct 2001, Paul Wouters wrote:
The NL has already answered this question last January. When asked who needs to be tappable, the answer is "everyone who is offering a public internet service".
And they have a strange notion of the word "public" too. I got the distinct impression (but nobody wanted to go on record for anything) they feel the Web server that's under my desk at home provides a "public" service too. So I should be prepared to aid the Dutch government in intercepting my own traffic. Which to me would seem to defeat the purpose, but what do I know?
Well, now, see, if you were a terrorist, you'd obviously happily cooperate.
Participants (3): Christian Kuhtz, Iljitsch van Beijnum, Paul Wouters