Re: IPSec IP Telephony:End to End or Segment
Steve Bellovin writes:
> CALEA does not prohibit end-to-end encryption, nor does it mandate any
> form of key escrow.
Agreed.
> If the communicating parties set
> up their own session, say via something like PGPphone, CALEA doesn't
> apply. (Rather, the obligation on the carrier would be to turn over
> the ciphertext, and let Ft. Meade figure it out.)
Right, but my point is that the FBI and their friends in domestic
surveillance will (presumably) demand from the U.S. Congress the same
access to useful plaintext voice call content -- with proper
authorization -- they already have in the PSTN. I don't expect the
Atty. General and Dir. FBI to say "oh well, I guess we can't tap
any more phone calls in transit" without a big fight.
This is what I meant when I referred to "CALEA-style" intercepts in
my previous message. I'm trying to anticipate the next generation of
CALEA-like legislation.
I don't know what Congress might mandate as a remedy, but generally
I expect they would/will try to meet the "legitimate needs of law
enforcement" in this matter. I'm concerned that they may regulate
end-user software and dedicated hardware, and/or try to inject key
escrow (GAK) into IP telephony protocols. [There's a stub section
for key escrow support in the most recent draft I've seen of H.235,
the ITU-T draft recommendation on "Security and Encryption for H
Series (H.323 and other H.245 based) multimedia terminals". It's
labelled For Future Study in the 25 Feb 1998 draft.]
-Lewis