| ...Also, I hate to say this, we may need to also require that all
| encrypted traffic allow inspection of their contents under proper
| authority (CALEA essentially)....

Why not just require that the senders of malign packets set the Evil Bit in their IP headers?

How can you possibly require that encrypted traffic *generated by the attackers* will allow itself to be inspected? The NSA tried to do that by concealing information about effective cryptographic algorithms while providing algorithms it controlled. But that horse has long left the barn. Effective algorithms are widely known and readily available processors are easily fast enough to implement them.

If you require lawful code to use inspectable crypto, every time you successfully inspect a datastream, you'll find - surprise! - that it contains nothing objectionable. Meanwhile, the streams you can't "open up" will continue to contain all the dirty stuff.

And, of course, if you attempt to "open" a stream and what you see looks like random bits - is it because someone has given you a bogus key, or because it's a compressed video stream?

-- Jerry
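
The ambiguity raised at the end of the message above, as an added example that is not part of the original post: a byte-entropy check cannot tell a stream opened with a bogus key from a legitimately compressed one. The toy SHA-256 keystream cipher, the key names, the 7.5 bits/byte threshold and the constructed sample text (compressed with zlib as a stand-in for compressed video) are all assumptions made for illustration.

```python
import hashlib
import math
import random
import zlib
from collections import Counter

LOOKS_RANDOM = 7.5  # assumed inspector threshold, bits per byte (max is 8.0)

def byte_entropy(data: bytes) -> float:
    """Shannon entropy of the byte histogram, in bits per byte."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def toy_stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy SHA-256 counter-mode keystream XOR (illustration only, not for real use)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def constructed_plaintext(words: int = 20000, seed: int = 1) -> bytes:
    """Constructed sample traffic: pseudo-random words from a tiny vocabulary."""
    vocab = ["packet", "header", "stream", "key", "inspect", "lawful", "video", "bits"]
    rng = random.Random(seed)
    return " ".join(rng.choice(vocab) for _ in range(words)).encode()

def inspect_streams() -> dict:
    """Entropy seen by an inspector for each way a stream can be 'opened'."""
    plaintext = constructed_plaintext()
    escrowed = toy_stream_xor(b"real-key", plaintext)  # hypothetical escrowed stream
    return {
        "plaintext": byte_entropy(plaintext),
        "right key": byte_entropy(toy_stream_xor(b"real-key", escrowed)),
        "bogus key": byte_entropy(toy_stream_xor(b"bogus-key", escrowed)),
        "compressed, unencrypted": byte_entropy(zlib.compress(plaintext, 9)),
    }

if __name__ == "__main__":
    for label, h in inspect_streams().items():
        verdict = "looks random" if h > LOOKS_RANDOM else "readable"
        print(f"{label:24s} {h:5.2f} bits/byte  {verdict}")
```

The bogus-key result and the compressed result both land near 8 bits per byte, so the entropy measurement alone gives the inspector no basis for deciding which case it is looking at.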