[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SAFE



-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 6 May 1997, Lee Tien wrote:

> [I wonder:  how does SAFE interact with IPSEC and arrangements like S/WAN?
> This is not, I think, merely the "willful furtherance" provision.  The "law
> enforcement" access provision may be ambiguous for keys that are not
> "private"; my understanding of IPSEC is that the key is in the possession
> of the machine and not the user.  I'm unclear whether users have 4th A.
> standing to challenge law enforcement access to such keys; there are lots
> of 4th A cases where a person has no privacy interest in information
> because it's been disclosed to another person, or is in another person's
> control.  Of course, I probably don't understand how IPSEC works, so
> corrections are welcomed.]

SKIP, one key exchange protocol for IPSEC, allows for both user and IP-based
keys.  Since these keys would be probably be stored on the same machine, it
raises some interesting 4th A issues.  The keys could either be seen as
under the control of the owner of the computer and can be disclosed at his
discretion, or similar to email where the data is considered private and
the owner of the hardware does not have the right to disclose this
information.

Regardless, one big win with IPSEC is its use of Diffie-Hellman key exchange
which makes recovery of past session keys impossible (I believe the term
for this is "forward secrecy").  A warrant won't do the feds much good.

>
> Lee
>
>
>


Mark
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQEVAwUBM3EJyizIPc7jvyFpAQFAsAf/fcY8HXKbKNQuV4zqqv8FD+VoZL1gLwgw
eHktul7LKHHR7iwMqgiI9qiPzQ4+qmhnYDx5/r6VBoxH83TcbdlWV7CK0idIV/O1
L+ABgTDFDNbvQ+NKHHc2MgWihSkhshcugv32Cwn7ZShWRA9Y2Bj9EuEhrj5ioxzO
s0l1x9i6e7t/jkVr/SL2UnLsM2RzNek5hcABQ6xxvOJ3+g2SgI8RU8OqV9M3agt2
MQVlOWJbR+gI35IJKskEfib5knjl7VXXS/GaIRdAJmpYiGMCY2RitV3PlvnbOv+u
3B8ZFG0l0srdP8Gb03TkbUSz8D5xCQjKBjXtEN/mZI8kwZwztXQtzw==
=JcLr
-----END PGP SIGNATURE-----