On 20/11/2013 07:46, Juha Saarinen wrote:
Due to interception capabilities being required, perhaps?
There's a quagmire there about who can be required to help intercept, under what legal process, and with what expectation of success. Personally I would prefer that was something for law enforcement lawyers to prove rather than for us to assume.
On 19/11/2013, at 3:53 pm, Brian E Carpenter
That's exactly why the IETF decided many years ago not to consider wiretapping when writing standards (RFC 2804) and why the IETF is now busy looking for ways to make pervasive surveillance much harder (http://www.ietf.org/media/2013-11-07-internet-privacy-and-security).
The phrase used this week by the Chair of the IETF is "Anything indistinguishable from an attack must be considered an attack". Which I took to mean that interception will be mitigated in the protocols regardless of whether or not it is "lawful" interception. Jay -- Jay Daley Chief Executive .nz Registry Services (New Zealand Domain Name Registry Limited) desk: +64 4 931 6977 mobile: +64 21 678840 linkedin: www.linkedin.com/in/jaydaley