German data rentention law

R.A. Hettinga rah at shipwright.com
Sat Oct 18 09:36:45 EDT 2008



Begin forwarded message:

From: Eugen Leitl <eugen at leitl.org>
Date: October 18, 2008 7:08:22 AM GMT-04:00
To: cypherpunks at al-qaeda.net
Subject: German data rentention law

----- Forwarded message from "Karsten N." <tor-admin at privacyfoundation.de 
 > -----

From: "Karsten N." <tor-admin at privacyfoundation.de>
Date: Sat, 18 Oct 2008 10:49:08 +0200
To: or-talk at freehaven.net
Subject: German data rentention law
User-Agent: Thunderbird 2.0.0.6 (Macintosh/20070728)
Reply-To: or-talk at freehaven.net

Hi,

I. part: A short overview about the data rentention law in Germany.

  1: ISPs have to log the start and end of a user dial-in with
     time stamp and IP address. They have not to log any content.

  2: Public provider of electronic mail have to log all connections of
     users with time stamp, IP address, login account and the email
     addresses of sender and recipient for every mail (send and
     receive).

  3: VoIP provider have to log all connections with timestamp,
     IP address and phone number of caller and recipient.

  4: Fon and mobile fon provider have to log all connections and
     tries with timestamp, phone number and location.

  5: Anon services have to log the rewrite of any information, which
     will be logged by a third party. (Thats all, not very clear.)


At the moment, it seems not clear, how tor is affected by this law.
I read some papers from the gouverment: "An anon service (like tor or
JAP) has to log, because the law will be useless otherwise."

Some papers of non-gouverment organizations like ULD: "Tor and JAP are
not affected by the telecommunication law, because it is not a
telecommunication service (in the case of law) and tor nodes have NOT
to log."

Together with the JonDos GmbH (JAP) the GPF try to get a legal
non-logging solution for tor, but the result is open and we are late.
(May be too late?)


II. part: suggestion of a technical solution

May be, tor can use geoip and divide the world in a logging area and a
non-logging area. If the target host is inside the logging area
(Germany), the exit node has to be outside. Otherwise a german node
can be an exit too.

In this case, we have two possibilities:

  1: the target host is outside the logging area -> no logging

  2: the target host is inside the logging area -> the exit is
     outside and writes no logs -> an german entry or middle man
     has to log nothing, because it routes to a not logging exit.

Because not all clients will update to a new version very quickly,
we need a feature for german exit nodes to reject all routes from old
clients, when the node is the exit of the route.

Or, if it was more simple for the developer, a feature for exit nodes
to define a country (based on geoip) to reject all exit routes. If all
german relays used this feature, it may work.

Otherwise, all german nodes have to switch to middle man.

It is only one suggestion, not the really best solution.

Karsten N.

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list