SS will not encrypt your PSTN calls. ZRTP is an end to end protocol. There are no PSTN devices which have ZRTP capabilities.
If someone were to wiretap a conversation like this the requirement would be to target the PSTN endpoint and record. That would produce both sides in the clear. -lee On Monday, July 14, 2014, [email protected] <[email protected]> wrote: > > > Nathan of Guardian: > > > > > > On Mon, Jul 14, 2014 at 1:36 PM, Lee Azzarello > > <[email protected] <javascript:;>> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> There's no advantage to use SS for PSTN calls from a security > >> perspective. If the pricing is attractive to you, give it a shot. > > > > It also opens them up to a bunch CALEA-like requirements since they are > > now operating as a "plain old telephone service". I am curious how they > > are managing this. > > their thinking: > > https://www.silentcircle.com/faq-zrtp > > 4. Is ZRTP CALEA compliant? > Only Silent Phone’s end users are involved in the key negotiation, > and CALEA does not apply to end users. > > Our architecture likely renders that question moot. The > Communications Assistance for Law Enforcement Act applies in the US to > the PSTN phone companies and VoIP service providers, such as Vonage. > CALEA imposes requirements on VoIP service providers to give law > enforcement access to whatever they have at the service provider, which > would be only encrypted voice packets. ZRTP does all its key management > in a peer-to-peer manner, so the service provider does not have access > to any of the keys. Only the end users are involved in the key > negotiation, and CALEA does not apply to end users. > > Here is the operative language from CALEA itself: > > 47 U.S.C. 1002(b)(3): ENCRYPTION - A telecommunications carrier > shall not be responsible for decrypting, or ensuring the government’s > ability to decrypt, any communication encrypted by a subscriber or > customer, unless the encryption was provided by the carrier and the > carrier possesses the information necessary to decrypt the > communication. [emphasis added] > > Also, from the CALEA legislative history : > > Finally, telecommunications carriers have no responsibility to > decrypt encrypted communications that are the subject of court-ordered > wiretaps, unless the carrier provided the encryption and can decrypt it. > This obligation is consistent with the obligation to furnish all > necessary assistance under 18 U.S.C. Section 2518(4). Nothing in this > paragraph would prohibit a carrier from deploying an encryption service > for which it does not retain the ability to decrypt communications for > law enforcement access. [...] Nothing in the bill is intended to limit > or otherwise prevent the use of any type of encryption within the United > States. Nor does the Committee intend this bill to be in any way a > precursor to any kind of ban or limitation on encryption technology. To > the contrary, section 2602 protects the right to use encryption. > > > > >> > >> > >> - -lee > >> > >> On 7/13/14, 7:40 PM, [email protected] <javascript:;> wrote: > >>> has anybody tested or used silent circle for what they call > >>> out-of-circle calls ? > >>> > >>> what's been your quality experience ? anyone know their server > >>> addresses ? > >>> > >>> some claim the quality is better than their own mobile carrier and > >>> use it entirely for outbound calls > >>> > > > > +n > _______________________________________________ > Guardian-dev mailing list > > Post: [email protected] <javascript:;> > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To Unsubscribe > Send email to: [email protected] > <javascript:;> > Or visit: > https://lists.mayfirst.org/mailman/options/guardian-dev/lee%40guardianproject.info > > You are subscribed as: [email protected] <javascript:;> >
_______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
