[Jeffrey Walton <noloa...@gmail.com> (2012-02-12 10:57:02 UTC)] > (1) How can a company actively attack a secure channel and tamper with > communications if there are federal laws prohibiting it?
IANAL, as they say, but I guess they are acting under the presumption that any communication originating in the company's own is the company's own communication, and so they can do anything they please with it. It could be argued that the notion of "tampering" with your own communications doesn't make sense, and so there is no breach of federal law. I am not defending the above interpretation, nor am I saying for sure that it holds water. But I think it is a reasonable guess, at least that that the company's lawyers will use arguments along those lines (abeit argued in more legalese terms) if they had to defend this practice. > (2) Did the other end of the SSL/TLS tunnel also agree to be monitored? Rhetorical question? The obvious answer is "no". - Harald _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography