Re: Last Call: Recognising RFC1984 as a BCP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 20/08/15 16:30, John Curran wrote:
> On Aug 20, 2015, at 10:47 AM, Randy Bush <randy@xxxxxxx> wrote:
>>
>>> It’s quite possible that the appropriate tradeoff for society
>>> continues to be that as documented in RFC1984, but it should be
>>> recognized as an actual tradeoff and not an an approach without any
>>> impact to lawful enforcement activities (as might be implied from your
>>> comments above.)
>>
>> sorry, i can't resist
>>
>> We should not be building surveillance technology into standards.  Law
>> enforcement was not supposed to be easy.  Where it is easy, it's called a
>> police state.  -- Jeff Schiller
> 
> Randy - 
>  
>   Actually, that is a perfect example of my point - Jeff’s quote (with respect
>   to not including surveillance technology) actually acknowledges that there 
>   is an impact as a result that choice; i.e. ‘LE not supposed to be easy.’
> 
>   That’s quite different than some of the assertions on this list implying that 
>   RFC1984 has no impact to LEA activities…  If the IETF is going to make
>   a statement, it should be an intellectually honest one and acknowledge
>   that there could be an LEA impact, but even so, that outcome is still the 
>   desirable tradeoff in the circumstances.  

RFC1984 is about export and mandatory key escrow. That is related
to but not the same as so-called lawful intercept. RFC2804 does
deal with the latter explicitly. So I don't think that we need to
modify 1984 to talk about what is covered by 2804.

Some folks did make the point earlier that we ought "promote" both
1984 and 2804 to become one new BCP, which could be done. I only
so far saw two folks in favour of that, I assume on the basis that
both RFCs are today in a similar state and the topics, while different,
are related. The argument so far raised against was that there was
at the time (and still seems to be now) much better support for
what 1984 says (which is different to it being a BCP or not) than
was the case for 2804 was that was written.

For me, I think they're different enough that they'd be better
handled separately but if there are more arguments those would be
good to hear.

S.


> 
> /John
> 
> Disclaimer: my views alone.
> 
> 
>
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]