1997-05-08 - Re: SAFE

Header Data

From: “Mark M.” <markm@voicenet.com>
To: Lee Tien <tien@well.com>
Message Hash: 9e2eab8786c424a0d49fcaae4aa21f41e11f438d0ad3b95d5ba9590dd977a892
Message ID: <Pine.LNX.3.95.970507184619.1208A-100000@purple.voicenet.com>
Reply To: <v03007802af940ac0a7fc@[163.176.132.90]>
UTC Datetime: 1997-05-08 00:05:30 UTC
Raw Date: Thu, 8 May 1997 08:05:30 +0800

Raw message

From: "Mark M." <markm@voicenet.com>
Date: Thu, 8 May 1997 08:05:30 +0800
To: Lee Tien <tien@well.com>
Subject: Re: SAFE
In-Reply-To: <v03007802af940ac0a7fc@[163.176.132.90]>
Message-ID: <Pine.LNX.3.95.970507184619.1208A-100000@purple.voicenet.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 6 May 1997, Lee Tien wrote:

> [I wonder:  how does SAFE interact with IPSEC and arrangements like S/WAN?
> This is not, I think, merely the "willful furtherance" provision.  The "law
> enforcement" access provision may be ambiguous for keys that are not
> "private"; my understanding of IPSEC is that the key is in the possession
> of the machine and not the user.  I'm unclear whether users have 4th A.
> standing to challenge law enforcement access to such keys; there are lots
> of 4th A cases where a person has no privacy interest in information
> because it's been disclosed to another person, or is in another person's
> control.  Of course, I probably don't understand how IPSEC works, so
> corrections are welcomed.]

SKIP, one key exchange protocol for IPSEC, allows for both user and IP-based
keys.  Since these keys would be probably be stored on the same machine, it
raises some interesting 4th A issues.  The keys could either be seen as
under the control of the owner of the computer and can be disclosed at his
discretion, or similar to email where the data is considered private and
the owner of the hardware does not have the right to disclose this
information.

Regardless, one big win with IPSEC is its use of Diffie-Hellman key exchange
which makes recovery of past session keys impossible (I believe the term
for this is "forward secrecy").  A warrant won't do the feds much good.

>
> Lee
>
>
>


Mark
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBM3EJyizIPc7jvyFpAQFAsAf/fcY8HXKbKNQuV4zqqv8FD+VoZL1gLwgw
eHktul7LKHHR7iwMqgiI9qiPzQ4+qmhnYDx5/r6VBoxH83TcbdlWV7CK0idIV/O1
L+ABgTDFDNbvQ+NKHHc2MgWihSkhshcugv32Cwn7ZShWRA9Y2Bj9EuEhrj5ioxzO
s0l1x9i6e7t/jkVr/SL2UnLsM2RzNek5hcABQ6xxvOJ3+g2SgI8RU8OqV9M3agt2
MQVlOWJbR+gI35IJKskEfib5knjl7VXXS/GaIRdAJmpYiGMCY2RitV3PlvnbOv+u
3B8ZFG0l0srdP8Gb03TkbUSz8D5xCQjKBjXtEN/mZI8kwZwztXQtzw==
=JcLr
-----END PGP SIGNATURE-----






Thread