[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[DEBATE][FIFF-L][Fwd: IP-Modifikation zur Ueberwachung?]





Hallo Leute,

wie neugierig und erfinderisch die Lauscher an der Wand sind, sollte man
sich immer mal wieder vergegenwaertige, dazu folgendes Mail,

viele Gruesse
Ingo Ruhmann



---------- Forwarded message ----------
Date: Thu, 18 Dec 1997 10:28:49 -0500
From: Art Brodsky <arb@well.com>
To: declan@smtp.well.com
Subject: comm daily story

 Here's the story from Comm Daily, Dec. 17

'Optimistic and Damned Silly'

     INTERNET CHANGE FOCUS OF INTERNATIONAL LAW ENFORCEMENT

     Law enforcement officials of U.S. and 7 other industrialized
countries want to make fundamental changes in Internet technology
in order to aid in their ability to track and catch criminals,
Justice Dept. sources said.

     Program to consider changes in Internet architectures comes as
part of agreement announced last week by Attorney Gen. Janet Reno
and Justice ministers from around world after meeting in Washington
(CD Dec 11 p10).  However, one leading Internet authority, MCI
Senior Vp Vinton Cerf, said international group's plan wouldn't
work.

     Justice ministers are considering approach similar to that of
Communications Assistance to Law Enforcement Act (CALEA) program in
U.S., which would make traffic from advanced telecom networks more
accessible to law enforcement entities.  Representatives of Canada,
France, Germany, Italy, Japan, Russia and U.K., as well as U.S.,
agreed as part of "statement of principles" issued in communique
following 2-day session that:  "To the extent practicable,
information and telecommunications systems should be designed to
help prevent and detect network abuse, and should also facilitate
the tracing of criminals and the collection of evidence."  Several
items on "action plan" issued in support of those principles refer
to working with new technologies to collect critical evidence,
developing standards for authenticating electronic data for use in
investigations and encouraging standards-making bodies to provide
public and private sectors "with standards for reliable and secure
telecommunications and data processing technologies."

     DoJ officials said Dept. may want to talk later with telephone
industry on trap and trace issues, but it's premature to involve
them now in follow-up to international summit.  Instead, they said,
they are looking at broader picture of telecom networks that
haven't worked as closely with law enforcement as they could, and
have begun thinking about Internet protocols.  Internet operates
globally with common protocols, currently Internet Protocol version
4.  Internet engineers are working on next iteration, version IPv6
(Internet Protocol version 6 -- 5 was experimental attempt that was
dropped).  Justice official said that one problem now is that it's
easy to send and receive e-mail with false address, called
"spoofing."

     It would be helpful to law enforcement if information sent
over Internet were tagged, and packets would transmit information
reliably as to where they came from, including user and service
provider, officials said.  Loose analogy would be to compare e-mail
messages to tagging of explosives, so law enforcement can track
explosive material to its source.  DoJ said new protocols could be
designed to make it easier to authenticate messages and to make
system more reliable.  Law enforcement wants to work with industry
to accomplish goal, saying it would help "keep people who are
abusing information technologies from continuing to do it."

     There will be substantial obstacles to law enforcement
concept, however.  Not least of them is that IPv6 will include
sophisticated encryption capabilities as part of protocols.  Such
security isn't built in to Internet now, one of reasons why
electronic commerce has yet to take off, said Mark McFadden,
communications dir. for Commercial Internet eXchange Assn. (CIX).
That feature will make it harder for law enforcement to gain access
to information, he said.

     Cerf, co-inventor of Internet protocols, said in interview
that law enforcement's concept of tagging e-mail messages wouldn't
work:  "To imagine that we would instantly create the
infrastructure for that throughout the entire Internet strikes me
as optimistic and damned silly, at least in the short term.  Anyone
who anticipates using tools to guarantee that everything will be
traceable is not going to have a successful outcome."  Technically,
such project could be accomplished, Cerf said, but having
administrative infrastructure to administer it is quite different
issue.

     It's possible to have digital signature for every packet of
data, but it would take "an enormous amount of processing, and it's
not clear we have any network computers and routers that could do
that and maintain the traffic flow that's required," Cerf said.  It
also would require that each sender affix digital signature to each
piece of mail, idea that Cerf said couldn't be enforced:  "Frankly,
the idea of trying to guarantee traceability of that kind is far
from implementable."  He said he didn't want to be misunderstood
that his objections were "an argument in favor of criminality."
But Cerf said he worries that "someone relies on what they think is
a technical solution without recognizing all of the administrative
mechanics that need to be put in place."

     Law enforcement has some time to work with Internet community.
McFadden said IPv6 isn't scheduled to be implemented at consumer
level for at least 5 years, possibly as much as 10.  There was some
urgency when it appeared that reservoir of Internet addresses would
dry up, but with progress being made to protect addresses as scarce
resource there's less pressure for new set of protocols, he said.

posted with permission Warren Publishing