-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Christian Huitema <[email protected]> wrote:
> > Except that its clear that they already HAVE gotten "legal" orders > > for such surveillance. E.g. AT&T secret room, GCHQ's deal with > > Level 3, etc... > > If it was purely legal they would do it above the table, installing a > tap inside the data center themselves. They don’t, and most companies > would find that a wide overreach. Yes, and in addition public opinion is relevant here too. We definitely need to work on forcing all surveillance interception to be done explicitly above the table, that will be an important step forward. > Encrypting the links that transport lots of private data to faraway > places look like a reasonable practice. But it is one of many > possible solutions. It may well be more practical to use a form of > end-to-end encryption between the components of the data centers. See > classic debate on end-to-end versus link-by-link, in which end-to-end > tends to win most of the time. Even when end-to-end encryption of all communications content is implemented, there is still the issue of traffic analysis revealing “who communicated with whom/with what service” information. Encrypting links will reduce the attack surface in regard to that. Greetings, Norbert -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFSeiRtGA9C3DSA3ZoRAgvBAKCx30D9Yry1aNf46AToC76cTGI1+QCeM7Q9 VetI3hS5s8DDw28yNji9u8o= =Pg7Y -----END PGP SIGNATURE----- _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
