Ed Juskevicius wrote: > > If my memory serves me correctly, I believe the logic was along the lines > of "Law enforcement agencies require some capabilities that are aking to > backdoors. Given this, it would be better if we (who know what we are > doing) designed these capabilities, rather than leave it to others do so." Correct, these agencies are going to define and require capabilities independent of what the IETF is doing. So what. We do not want that in our protocols, because we do not want any other party besides those that are officially participating the communication to be able to get at the contents of the communication -- without at least one of the participating parties being aware of a wiretap. Within our protocols, it is impossible to prevent that a rightful participant shares his communication data with a law enforcement agency. Hopefully there is a warrent for permitting this or a very severe imminent threat. But the only point of weaknesses in protocols itself is to be able to wiretap without asking any of the participants for their consent and without getting it lawfully authorized (e.g. warrant). Bottom line - lawful intercept can be done at the endpoints independent of the protocol. Protocol weaknesses or backdoors first of all are weaknesses with an extremely large abusive potential for both good _and_ bad, and even the allegedly good are well known to regularly abuse their powers (and if you are not aware that they're (ab)using their powers, then there is no way to stop them from abusing their power or to hold them responsible. "Open your protocols to wiretapping" is not very much different to folks when the enter a country that they MUST refrain from talking to others in foreign languages, because it might impair agents from some government organization (whoose potential presence is not revealed to you) from following any conversations you might be participating in. -Martin _______________________________________________ Ietf mailing list Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf