To:
Brad Knowles <brad.knowles@skynet.be>
cc:
Peter Koch <pk@TechFak.Uni-Bielefeld.DE>, DNSOP WG <dnsop@cafax.se>
From:
Edward Warnicke <eaw@cisco.com>
Date:
Tue, 8 Jul 2003 08:51:22 -0400 (EDT)
In-Reply-To:
<a0600122fbb30230e0752@[192.168.0.3]>
Sender:
owner-dnsop@cafax.se
Subject:
Re: draft-warnicke-network-dns-resolution-02.txt
I seem to have miscommunicated. I am in no way suggesting that a router provide arbitrary "lawful intercept" services for some unknown party in some other country. Please see http://www.ietf.org/internet-drafts/draft-baker-slem-architecture-01.txt You may also find the previous thread on this draft informative: http://www.cafax.se/dnsop/maillist/2003-02/msg00058.html Ed On Tue, 8 Jul 2003, Brad Knowles wrote: > At 11:46 PM -0400 2003/07/07, Edward Warnicke wrote: > > > The application I'd originally written the draft to deal with was > > identification of the first-hop router as the intercept access point > > for Lawful Intercept ( wiretapping ). The intention is *not* for > > a host to use this method to discover anything, but rather for > > *other* servers in the network to use this method to be able to > > discover the IP address of the first-hop router(s) so that they may > > request some service from the first-hop router(s) related to the host. > > Some method of identifying the intercept access point is necessary > > for Lawful Intercept. > > For a purely US-only application, or for an application where the > source country, target country, and all intervening countries have > similar laws, I think that might potentially be a valid use. > > However, in the modern Internet, I don't think that really has > much application. I don't think anyone is about to do anything that > would allow anyone else to request that their router provide > arbitrary "lawful intercept" services for some unknown party in some > other country. > > Who knows when this kind of information might be used for > corporate or gov't espionage, or frequently and casually abused by > people with the necessary access, who probably don't even have to be > real law enforcement officers, regardless of how corrupt the police > department may be? > > > And if you can't get broad adoption of this sort of feature, then > what possible use could it serve? > > > I'm sorry. Given what we've learned so far about this, I would > argue most vehemently that we should do everything within our power > to actively kill this proposal, and not just decide whether or not to > passively fail to support it. > > -- > Brad Knowles, <brad.knowles@skynet.be> > > "They that can give up essential liberty to obtain a little temporary > safety deserve neither liberty nor safety." > -Benjamin Franklin, Historical Review of Pennsylvania. > > GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E-(---) W+++(--) N+ > !w--- O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++) > tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++) > #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.