On 14/08/2015 16:19, John Leslie wrote:
John G. Scudder <jgs@xxxxxx> wrote:
On Aug 13, 2015, at 11:10 AM, Dave Crocker <dhc@xxxxxxxxxxxx> wrote:
To the extent that you know of a practical line of design effort that
can satisfy the above goal, without also creating the basic problems
that have been documented, please describe it.
Yes, exactly. "Send code."
Just so we don't lose context,
Stewart Bryant <stbryant@xxxxxxxxx> wrote:
As engineers we should aim to address this dilemma rather than
simply declare it impossible, and opt for data privacy at all costs.
We have a social responsibility to design an internet that is rugged
from attack, that is fit for use by law-abiding people but does not
provide an impregnable conduit for the use of people that seek to
harm us.
My concern is that by elevating the status of RFC1984 we fail to
acknowledge the dilemma, and do not set a goal of designing
technologies that allow the internet to be used to reliably and
safely carry information for the law abiding, but still provide
the ability for those that we trust to protect us from harm
to perform that task.
(There is, of course, no such thing as an "impregnable conduit".)
There are obviously degrees of protection, but the point is that
many communications channels are protected to the point that
they cannot be decrypted in a time that is useful to the law
enforcement world.
If Stewart follows up, I hope he will explain what he meant by
"those that we trust to protect us from harm".
Well I for one trust our local police forces to do this by their best
effort at detecting and bringing to justice criminals and interdicting
those planning criminal activities. That is the service that we pay them
to do through our taxes, and as far as I can tell that is their intent.
The security services are rather more opaque, but in democracies
they are paid through our taxes to protect their citizens from harm.
- Stewart
--
For corporate legal information go to:
http://www.cisco.com/web/about/doing_business/legal/cri/index.html