I also would not rest easy. They came up with a potential model to have secure
encryption and no security. Sure - you can have strong, back doorless
encryption. You just cannot store the information securely
Sent from my mobile device. Thanks be to LEMONADE:
http://www.standardstrack.com/ietf/lemonade
-------- Original message --------
From: Joseph Lorenzo Hall <[email protected]>
Date: 09/22/2015 7:49 AM (GMT-05:00)
To: Dan York <[email protected]>
Cc: perpass <[email protected]>, Stephen Farrell <[email protected]>
Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to
require cleartext, cleartext retention, cipher and backdoor mandates
I'm not so sure we should take comfort in their withdrawal of the policy as all
reports are that they are revising and reissuing... We'll see what the next
iteration involves!
On Tuesday, September 22, 2015, Dan York <[email protected]> wrote:
There was a significant amount of public outcry yesterday within India and the
latest news is that the government of India is apparently withdrawing the draft
policy:
http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms
Prior to that the government agency involved had already issued an update
saying that the draft policy would NOT apply to TLS in web commerce and social
media, messaging, etc. The update document seems to have been removed, but is
captured here
by a news site:
http://www.medianama.com/2015/09/223-india-draft-encryption-policy/
Dan
On Sep 21, 2015, at 1:07 PM, Stephen Farrell <[email protected]> wrote:
Sheesh, there is so much wrong in that document. And they
top it off by recommending RC4.
Does anyone know if this is a policy that is likely to be
enforced or one that'd be more honoured in the breach?
S.
On 21/09/15 17:45, Joseph Lorenzo Hall wrote:
Obviously, of relevance to those that will be at the IAB MARNEW
workshop this week (although this isn't in any way specific to radio
networks).
* Everyone (all individuals and businesses) using encryption must
store unencrypted content for 90 days
* Government will dictate algorithms and key sizes
* Possibility of a legally mandated backdoor
Article from Daily Dot:
http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/
Text of the proposal (comments due 16 Oct.):
https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
--
Dan York
Senior Content Strategist, Internet Society
[email protected] +1-802-735-1624
Jabber: [email protected]
Skype: danyork http://twitter.com/danyork
http://www.internetsociety.org/
--
Joseph Lorenzo HallChief TechnologistCenter for Democracy & Technology1634 I ST
NW STE 1100Washington DC 20006-4011 (p) 202-407-8825(f)
[email protected]: https://josephhall.org/gpg-keyfingerprint: 3CA2
8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
