[Cryptography] What if Responsible Encryption Back-Doors Were Possible?

Paul Wouters paul at cypherpunks.ca
Wed Dec 5 14:11:55 EST 2018


On Mon, 3 Dec 2018, Bill Stewart wrote:

> (PKI design for judges' signatures left as an exercise to the reader)

A long long time ago I published the Transport of Intercepted IP Traffic (TIIT),
since then a publicly published document at ETSI :P

https://www.agentschaptelecom.nl/binaries/agentschap-telecom/documenten/publicaties/2018/juli/19/transport-of-intercepted-ip-traffic/TIIT+V1.2.0.+2011-09.pdf

Basically, X.509 CA's issuing signed XML warrants to feed into your monitoring black box.

 	HI1 is concerned only with the administrative protocol involved with
 	LI.  This is used to handle communications between Provider and LEA
 	concerning interceptions. E.g. warrants will be issued through this
 	channel, extension and termination of LI will also be communicated
 	through HI1. Secure communication SHALL be used to transport relevant
 	documents. Which type of secure communication is used depends on the
 	LEA requesting the LI. It is typically an offline communication channel.

The "SHALL" (not MUST) is interesting. I guess they want to email the
xml files :)

Paul


More information about the cryptography mailing list