Re: And they intend to do this securely, how, exactly?

[Dave Paris <dparis () w3works com>]

On 9/27/2010 6:49 PM, Jeffrey Walton wrote:
> On Mon, Sep 27, 2010 at 10:39 AM,<Valdis.Kletnieks () vt edu>  wrote:
> > http://www.msnbc.msn.com/id/39379819/ns/technology_and_science-security/
> >
> > When the rest of the world is using OpenSSL and SSH, how you gonna do this
> > securely?  (Yes, I know how to MITM an OpenSSL connection.  How do you design
> > a network service so Good Guys can do that but Bad Guys can't?)
> I'd like to read the details on circumventing, side stepping, and
> preventing the use of OpenSSL and friends. Based on the limited
> abilities of politicians (the US is in two wars right now because
> policy exceeded their ability to practice diplomacy), it can't be too
> impressive.
>
> In the end, its more gestapo legislation that will be abused by the US
> government.

It's a technical infeasibility that will never make it as legislation. 
Between non-US software companies, open source projects that will flip 
this their collective birds, and military use of crypto that would now 
require backdoors, I have no fear of this becoming law.

 From the provider side, the hardware capability to monitor and process 
10Gb links (or faster) is prohibitively expensive.  It's not as though 
Tier-1 providers are suddenly going to add taps into each 10G circuit, 
just waiting for that tap to fail and take out a decent amount of capacity.

So, let the politicians be idiots.  It's easier to tell who's completely 
bereft of technical clue - and advisers - that way. (ok, so that's like 
picking the lesser of evils, but still..)
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.