1) Here's an article from the New York Times. The headline just about says it all. Reportedly THEY want voice-over-internet users to pay for the privilege of having their calls tapped.
> The Call Is Cheap. The Wiretap Is Extra.
http://www.theledger.com/apps/pbcs.dll/article?AID=/20040823/ZNYT01/408230401/1001/BUSINESS
(I cite the version online at The Ledger because folks can read it there without registering, unlike the nytimes.com site.)
===============================================
2) A modest proposal:
I think we should set up the following system:
a) Users certify to their ISP that they use end-to-end strong crypto on all their voice-over-internet calls, using tamper-resistant (or at least tamper-evident) hardware and software.
b) The ISP demands such certification from all users.
c) The ISP declines to install wiretap equipment, and passes the savings on to the users.
... Who could possibly object?
Note that traffic-analysis is still possible, but the equipment to do that is much cheaper.
Also note that if THEY are going to bugger my endpoints to defeat the crypto, they might as well do the job right and change the signalling so that the call goes directly to THEIR premises ... That way the ISP doesn't need to get involved, i.e. the ISP has no tap-related costs.
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]