======== Date: Wed, 7 Jan 1998 07:44:57 -0800 (PST) From: Declan McCullagh <declan@well.com> To: politech@vorlon.mit.edu Subject: FC: Governments want to change Net architecture, from Comm Daily X-URL: Politech is at http://www.well.com/~declan/politech/ [Apologies to Art for not forwarding this earlier. --Declan] ---------- Forwarded message ---------- Date: Thu, 18 Dec 1997 10:28:49 -0500 From: Art Brodsky <arb@well.com> To: declan@smtp.well.com Subject: comm daily story Declan, Here's the story from Comm Daily, Dec. 17 'Optimistic and Damned Silly' INTERNET CHANGE FOCUS OF INTERNATIONAL LAW ENFORCEMENT Law enforcement officials of U.S. and 7 other industrialized countries want to make fundamental changes in Internet technology in order to aid in their ability to track and catch criminals, Justice Dept. sources said. Program to consider changes in Internet architectures comes as part of agreement announced last week by Attorney Gen. Janet Reno and Justice ministers from around world after meeting in Washington (CD Dec 11 p10). However, one leading Internet authority, MCI Senior Vp Vinton Cerf, said international group's plan wouldn't work. Justice ministers are considering approach similar to that of Communications Assistance to Law Enforcement Act (CALEA) program in U.S., which would make traffic from advanced telecom networks more accessible to law enforcement entities. Representatives of Canada, France, Germany, Italy, Japan, Russia and U.K., as well as U.S., agreed as part of "statement of principles" issued in communique following 2-day session that: "To the extent practicable, information and telecommunications systems should be designed to help prevent and detect network abuse, and should also facilitate the tracing of criminals and the collection of evidence." Several items on "action plan" issued in support of those principles refer to working with new technologies to collect critical evidence, developing standards for authenticating electronic data for use in investigations and encouraging standards-making bodies to provide public and private sectors "with standards for reliable and secure telecommunications and data processing technologies." DoJ officials said Dept. may want to talk later with telephone industry on trap and trace issues, but it's premature to involve them now in follow-up to international summit. Instead, they said, they are looking at broader picture of telecom networks that haven't worked as closely with law enforcement as they could, and have begun thinking about Internet protocols. Internet operates globally with common protocols, currently Internet Protocol version 4. Internet engineers are working on next iteration, version IPv6 (Internet Protocol version 6 -- 5 was experimental attempt that was dropped). Justice official said that one problem now is that it's easy to send and receive e-mail with false address, called "spoofing." It would be helpful to law enforcement if information sent over Internet were tagged, and packets would transmit information reliably as to where they came from, including user and service provider, officials said. Loose analogy would be to compare e-mail messages to tagging of explosives, so law enforcement can track explosive material to its source. DoJ said new protocols could be designed to make it easier to authenticate messages and to make system more reliable. Law enforcement wants to work with industry to accomplish goal, saying it would help "keep people who are abusing information technologies from continuing to do it." There will be substantial obstacles to law enforcement concept, however. Not least of them is that IPv6 will include sophisticated encryption capabilities as part of protocols. Such security isn't built in to Internet now, one of reasons why electronic commerce has yet to take off, said Mark McFadden, communications dir. for Commercial Internet eXchange Assn. (CIX). That feature will make it harder for law enforcement to gain access to information, he said. Cerf, co-inventor of Internet protocols, said in interview that law enforcement's concept of tagging e-mail messages wouldn't work: "To imagine that we would instantly create the infrastructure for that throughout the entire Internet strikes me as optimistic and damned silly, at least in the short term. Anyone who anticipates using tools to guarantee that everything will be traceable is not going to have a successful outcome." Technically, such project could be accomplished, Cerf said, but having administrative infrastructure to administer it is quite different issue. It's possible to have digital signature for every packet of data, but it would take "an enormous amount of processing, and it's not clear we have any network computers and routers that could do that and maintain the traffic flow that's required," Cerf said. It also would require that each sender affix digital signature to each piece of mail, idea that Cerf said couldn't be enforced: "Frankly, the idea of trying to guarantee traceability of that kind is far from implementable." He said he didn't want to be misunderstood that his objections were "an argument in favor of criminality." But Cerf said he worries that "someone relies on what they think is a technical solution without recognizing all of the administrative mechanics that need to be put in place." Law enforcement has some time to work with Internet community. McFadden said IPv6 isn't scheduled to be implemented at consumer level for at least 5 years, possibly as much as 10. There was some urgency when it appeared that reservoir of Internet addresses would dry up, but with progress being made to protect addresses as scarce resource there's less pressure for new set of protocols, he said. posted with permission Warren Publishing -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe: send a message to majordomo@vorlon.mit.edu with this text: subscribe politech More information is at http://www.well.com/~declan/politech/ --------------------------------------------------------------------------