South Africa moves to increase Net-surveillance, limit crypto
Clive D. W. Feather
clive at on-the-train.demon.co.uk
Tue Aug 14 06:34:40 EDT 2001
In article <20010813120838.A2040 at cluebot.com>, Declan McCullagh
<declan at well.com> writes
>* Internet providers may not "provide any telecommunication service which
>does not have the capacity to be monitored." A provider is responsible for
>"decrypting any communication encrypted by a customer if the facility for
>encryption was provided by the service provider concerned." This represents
>an attack on liberty, privacy, and autonomy, and is akin to anti-encryption
>rules in Russia a few years ago. Though as a practical matter, a lot would
>seem to turn on the definition of "provide." Does that mean giving someone
>an SSL-enabled web browser? IPv6 software?
I suspect that it's aimed at link-layer encryption. In other words,
where the ISP/telco runs one end of the encryption themselves, but the
most convenient point to tap happens to be on the encrypted part of the
Given the requirement to tap, this isn't an unreasonable addition.
>* Internet providers cannot reveal wiretaps. "No person who is or was
>concerned in the performance of any function in terms of this Act, may
>disclose any information which he or she obtained in the performance of
>such a function" (except to officials or courts).
That's a fairly standard requirement.
Clive D.W. Feather, writing for himself | Home: <clive at davros.org>
Tel: +44 20 8371 1138 (work) | Web: <http://www.davros.org>
Fax: +44 20 8371 4037 (D-fax) | Work: <clive at demon.net>
Written on my laptop; please observe the Reply-To address
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 477 bytes
Desc: not available
More information about the cryptography