[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf-tls
Subject: RE: [TLS] draft-housley-evidence-extns-00 worse than key escrow
From: "Mark Brown" <mark () redphonesecurity ! com>
Date: 2007-01-08 14:58:36
Message-ID: 00bb01c73335$79b2e940$6801a8c0 () rps ! local
[Download RAW message or body]
These conclusions are unsound, the conjecture about my intentions is untrue,
and some statements are plainly contradictory to the specifications of the
Internet Draft. I'll respond in more detail on Wednesday.
> -----Original Message-----
> From: Martin Rex [mailto:martin.rex@sap.com]
> Sent: Monday, January 08, 2007 7:49 AM
> To: tls@ietf.org
> Subject: [TLS] draft-housley-evidence-extns-00 worse than key escrow
>
> What has become obvious from the disscussion so far is not only
> that the draft-housley-evidence-extns-00 is absolutely useless
> for purposes of creating receipts for internet online commerce,
> it's primary intention is to completely subvert the TLS protocol
> in order to provide a means for law enforcment agencies to
> collect evidence of thought-to-be private (tele)communications
> for direct use in court, in a quality that will make it difficult
> to impossible deny/repudiate.
>
> 10 years ago, we thought that mandatory key escrow would be the worst
> that could happen to computer security. This proposal is worse by
> a significant margin.
>
> The obvious drawback of key escrow is, that with the keys one can
> not only reveal the protected communication, but also trivially
> "fabricate" evidence, which would significantly impair/ruin the quality
> of "wire-tapped" communcations as (sole) evidence in court.
>
> With the TLS evidence approach, requiring EAL6+ crypto hardware and
> keystores on every telecommunication device and having them sign
> the entire raw communication, the wire-tapped can not only be used
> for intelligence purposes and further investigations leading to
> real evidence, it can be used directly as evidence against either
> or both of the unsuspecting and unconsenting communication peers.
>
> For the usage scenario that Mark is looking at, the communication
> peers are going to be an end user's telecommunications device on
> one side and some network operators phone switch on the other.
> I don't know whether he's thinking of VoiP or the next generation
> of mobile phones.
>
> So the key on the "users side" (plus a certificate by an
> government-authorized CA) would likely be a requirement for the
> device to access the phone switch, and it would first of all
> identify the device and communications from this device,
> rather than an actual user. There is no intention to notify or
> even ask for consent for a signed wire-tap evidence, of course.
>
>
> -Martin
>
>
>
> _______________________________________________
> TLS mailing list
> TLS@lists.ietf.org
> https://www1.ietf.org/mailman/listinfo/tls
_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic