A couple of questions from my journalist brother seeking to outsource his leg work to the wise folks on Silk.
Krish Raghav says - 'In the context of the Blackberry issue, would you say that its time to rethink India's Information technology laws? Are Indian Cyber Laws outdated? If they are, are there, say, five instances where this outdated-ness is glaring?' Ive deliberately left 'technology laws' and 'cyber laws' ambiguous, as Im trying to look at as wide an angle as possible - policy on technology, security and encryption, TRAI's machinations, e-governance etc etc. Just as an example, Telecom regulations require any 'service/person/organisation' who uses 'encryption greater than 40 bit key length in the RSA algorithms' (Source: http://www.dot.gov.in/isp/guide_international_gateway.htm) has to deposit the decryption key with the Telecom Authority. Now, 40 bit encryption, as I understand, is hopelessly outdated, and requiring keys to be submitted to the government for just about anything that uses >40bit is quite unwieldy. -- Krish Ashok Blog: krishashok.wordpress.com GTalk: krishashok www.stage.fm/krishashok
