From nobody Wed Sep 16 09:47:22 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6AD581B35AB; Wed, 16 Sep 2015 09:39:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -14.51 X-Spam-Level: X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DABUT4Wk64R7; Wed, 16 Sep 2015 09:39:34 -0700 (PDT) Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE5051B35A0; Wed, 16 Sep 2015 09:39:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=14344; q=dns/txt; s=iport; t=1442421574; x=1443631174; h=from:to:cc:subject:date:message-id:mime-version; bh=xITknju1eiWUaYtdwfkBLAzwzAgy2QAdLIMwccvsVto=; b=iQij0Hl95tt0V3dUuOfSNCWMwIFsGJmo/vGaGavpPbqz5QbFxO5ud7jp c/Tl2fFiyNW+vaNBPYJz9EqHzNGXjTn8ayf5gxoQifStvX4crmQR5smGu LJ/I7++cdeaiB4bZYjdTjOyeaIe8jUHr9bDfmsVbbLPbZNCW4plGie/Kf k=; X-Files: ATT00001.txt : 130 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A0CsAgASmvlV/4cNJK1eglZNVGkGvH8qDoFvAQmFeQKBRjgUAQEBAQEBAX8LhCMBAQEEAQEBKkELEgEZBAEBKAklCxQJCQEEDgUIBoggDck/AQEBAQEBAQEBAQEBAQEBAQEBAQEBF40tgzUbBoQtBZI2gygBgkiBXWqJQUaDb4g2iG2DawERDgFDhAFxiSWBBQEBAQ X-IronPort-AV: E=Sophos;i="5.17,540,1437436800"; d="txt'?scan'208,217";a="32644571" Received: from alln-core-2.cisco.com ([173.36.13.135]) by rcdn-iport-2.cisco.com with ESMTP; 16 Sep 2015 16:39:32 +0000 Received: from XCH-RCD-005.cisco.com (xch-rcd-005.cisco.com [173.37.102.15]) by alln-core-2.cisco.com (8.14.5/8.14.5) with ESMTP id t8GGdWfk015769 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Wed, 16 Sep 2015 16:39:32 GMT Received: from xch-aln-003.cisco.com (173.36.7.13) by XCH-RCD-005.cisco.com (173.37.102.15) with Microsoft SMTP Server (TLS) id 15.0.1104.5; Wed, 16 Sep 2015 11:39:32 -0500 Received: from xch-aln-003.cisco.com ([173.36.7.13]) by XCH-ALN-003.cisco.com ([173.36.7.13]) with mapi id 15.00.1104.000; Wed, 16 Sep 2015 11:39:31 -0500 From: "Bernie Volz (volz)" To: "perpass@ietf.org" Thread-Topic: DHC WG - WGLC for 3 privacy related drafts (respond by September 22nd) Thread-Index: AdDwnfhDha4iMZmuTc6FDtfc4PkvFg== Date: Wed, 16 Sep 2015 16:39:31 +0000 Message-ID: <732083ac02d94de29f4be134139b698b@XCH-ALN-003.cisco.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-ms-exchange-transport-fromentityheader: Hosted x-originating-ip: [10.131.76.157] Content-Type: multipart/mixed; boundary="_004_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_" MIME-Version: 1.0 Archived-At: X-Mailman-Approved-At: Wed, 16 Sep 2015 09:47:21 -0700 Cc: "dhc-chairs@ietf.org" , "'draft-ietf-dhc-dhcp-privacy@ietf.org'" , "draft-ietf-dhc-dhcpv6-privacy@ietf.org" , "'draft-ietf-dhc-anonymity-profile@ietf.org'" Subject: [perpass] DHC WG - WGLC for 3 privacy related drafts (respond by September 22nd) X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Sep 2015 16:39:36 -0000 --_004_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_ Content-Type: multipart/alternative; boundary="_000_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_" --_000_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi: The DHC WG co-chairs would appreciate any reviews that the perpass group co= uld do on these drafts. They are in WGLC status. Thanks in advance. - Tomek & Bernie From: dhcwg [mailto:dhcwg-bounces@ietf.org] On Behalf Of Bernie Volz (volz) Sent: Wednesday, September 16, 2015 12:36 PM Subject: [dhcwg] Reminder - 3 WGLC active (respond by September 22nd) Hi: Just a reminder that we have WGLCs for the following 3 documents ended Sept= ember 22nd: 1. draft-ietf-dhc-anonymity-profile-03, Anonymity profile for DHCP cl= ients, http://tools.ietf.org/html/draft-ietf-dhc-anonymity-profile-03. This= document's intended status is Standards Track. At present, there is 1 IPR = filed against this document. 2. draft-ietf-dhc-dhcpv6-privacy-01, Privacy considerations for DHCPv= 6, http://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-privacy-01. This docume= nt's intended status is Informational. At present, there is no IPR file aga= inst this document. 3. draft-ietf-dhc-dhcp-privacy-01, Privacy considerations for DHCPv4 = -- http://tools.ietf.org/html/draft-ietf-dhc-dhcp-privacy-01. This docume= nt's intended status is Informational. At present, there is no IPR file aga= inst this document. Please send your comments by September 22th, 2015. If you do not feel this = document should advance, please state your reasons why. Thanks! - Tomek & Bernie --_000_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi:<= /p>

 

The DHC WG co-chairs w= ould appreciate any reviews that the perpass group could do on these drafts= . They are in WGLC status.

 

Thanks in advance.

 

-&nb= sp;         Tomek & Be= rnie

 

From: dhcwg [mailto:dhcwg-bounces@ietf.org] <= b>On Behalf Of Bernie Volz (volz)
Sent: Wednesday, September 16, 2015 12:36 PM
Subject: [dhcwg] Reminder - 3 WGLC active (respond by September 22nd= )

 

Hi:

 

Just a reminder that we have WGLCs for the following= 3 documents ended September 22nd:

 

1.     &= nbsp; draft-ietf-dhc-anonymity-profile-03, Anonymity prof= ile for DHCP clients, = http://tools.ietf.org/html/draft-ietf-dhc-anonymity-profile-03. This do= cument’s intended status is Standards Track. At present, there is 1 I= PR filed against this document.

2.     &= nbsp; draft-ietf-dhc-dhcpv6-privacy-01, Privacy considera= tions for DHCPv6, htt= p://tools.ietf.org/html/draft-ietf-dhc-dhcpv6-privacy-01. This document= ’s intended status is Informational. At present, there is no IPR file= against this document.

3.     &= nbsp; draft-ietf-dhc-dhcp-privacy-01, Privacy considerati= ons for DHCPv4  --  http:= //tools.ietf.org/html/draft-ietf-dhc-dhcp-privacy-01. This documentR= 17;s intended status is Informational. At present, there is no IPR file aga= inst this document.

 

Please send your comments by September 22th, 2015. I= f you do not feel this  document should advance, please state your rea= sons why.

 

Thanks!

 

-     &= nbsp;    Tomek & Bernie

--_000_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_-- --_004_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_ Content-Type: text/plain; name="ATT00001.txt" Content-Description: ATT00001.txt Content-Disposition: attachment; filename="ATT00001.txt"; size=130; creation-date="Wed, 16 Sep 2015 16:36:39 GMT"; modification-date="Wed, 16 Sep 2015 16:36:39 GMT" Content-ID: <27527267F6EE9B4EA454C5BA6ABBCE71@emea.cisco.com> Content-Transfer-Encoding: base64 X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18NCmRoY3dnIG1h aWxpbmcgbGlzdA0KZGhjd2dAaWV0Zi5vcmcNCmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4v bGlzdGluZm8vZGhjd2cNCg== --_004_732083ac02d94de29f4be134139b698bXCHALN003ciscocom_-- From nobody Fri Sep 18 20:19:49 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D39071B4424 for ; Fri, 18 Sep 2015 20:19:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.8 X-Spam-Level: X-Spam-Status: No, score=0.8 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g0fvdZGUFGMb for ; Fri, 18 Sep 2015 20:19:47 -0700 (PDT) Received: from xsmtp11.mail2web.com (xsmtp11.mail2web.com [168.144.250.181]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 789301B2D51 for ; Fri, 18 Sep 2015 20:19:47 -0700 (PDT) Received: from [10.5.2.52] (helo=xmail12.myhosting.com) by xsmtp11.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1Zd8gj-0002xE-LR for perpass@ietf.org; Fri, 18 Sep 2015 23:19:46 -0400 Received: (qmail 8518 invoked from network); 19 Sep 2015 03:19:44 -0000 Received: from unknown (HELO icebox) (Authenticated-user:_huitema@huitema.net@[24.16.156.113]) (envelope-sender ) by xmail12.myhosting.com (qmail-ldap-1.03) with ESMTPA for ; 19 Sep 2015 03:19:44 -0000 From: "Christian Huitema" To: "'Bernie Volz \(volz\)'" , References: <732083ac02d94de29f4be134139b698b@XCH-ALN-003.cisco.com> In-Reply-To: <732083ac02d94de29f4be134139b698b@XCH-ALN-003.cisco.com> Date: Fri, 18 Sep 2015 20:19:41 -0700 Message-ID: <017301d0f28a$072be430$1583ac90$@huitema.net> MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 15.0 Thread-Index: AQFEGeO/Bi5iqFvvgk2G7hmWojaEJZ9c3vXw Content-Language: en-us Archived-At: Cc: dhc-chairs@ietf.org, draft-ietf-dhc-dhcp-privacy@ietf.org, draft-ietf-dhc-dhcpv6-privacy@ietf.org, draft-ietf-dhc-anonymity-profile@ietf.org Subject: Re: [perpass] DHC WG - WGLC for 3 privacy related drafts (respond by September 22nd) X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Sep 2015 03:19:49 -0000 On Wednesday, September 16, 2015 9:40 AM, Bernie Volz wrote > > The DHC WG co-chairs would appreciate any reviews that the > perpass group could do on these drafts. They are in WGLC status. > > Thanks in advance. The DHCP work is one of the examples of "data minimization" for privacy -- along with the DNS work. It is quite important for the privacy program at the IETF. Please take a minute and review the drafts! -- Christian Huitema From nobody Mon Sep 21 09:45:30 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCC421A916E for ; Mon, 21 Sep 2015 09:45:28 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.322 X-Spam-Level: * X-Spam-Status: No, score=1.322 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F58m9ITMeP7M for ; Mon, 21 Sep 2015 09:45:28 -0700 (PDT) Received: from mail-lb0-x236.google.com (mail-lb0-x236.google.com [IPv6:2a00:1450:4010:c04::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 918131A9148 for ; Mon, 21 Sep 2015 09:45:27 -0700 (PDT) Received: by lbpo4 with SMTP id o4so54413860lbp.2 for ; Mon, 21 Sep 2015 09:45:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:from:date:message-id:subject:to:content-type; bh=hRm6+5t67FnHcAp8UIqzfnuEBTz++KeLnRhehxZ7Zok=; b=LFULEx6YxGGe3Kn7H5DG5FxRixcqWYgQ0aNK01h+bBCcdMARHgucEQg623ovID1iQu dkJD9OlKBGpT98aH8uuDRQZayJ32U1MHj7Ek1PhJCWcsQp7nlLPEzdpheZlviRnHOTZU mA6db7cQ16v43o0cpw9wegK0WjIV9wbUuq+Qo= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=hRm6+5t67FnHcAp8UIqzfnuEBTz++KeLnRhehxZ7Zok=; b=fTSoYV6rWuVScUi9JaSvWkVQI7zHDc0Iif7qziFRC/PP9kJsFlxWf+KNI9MWOJdTz3 /fa4pNjRFHn7KMD09IVL4ZkoawMlRi4c8m+fBo3oVSrtVuz4Ltkp3Ro3HrCaWuMJpduo u6IGmxaFJP1OeX1F5Elv7QeFt2eKmdZqesGDvsvPOiZbAaAK7yoMSVsOWns3Rb3uCn0H HUjoysaWZrGjspFQQqMQ2QuAKOgcoDvz4T0BgN2CcgZCeSKeGV1qGgORrz/iTnNkSwiO VZyhxeRkq0ee8uSLn/LP65IxyoJZhK9pdBP0qQk1m1oDGVNwZQJXMux1oUNJ8+N1WxfB IE9g== X-Gm-Message-State: ALoCoQkH5xToV07HsievvXCkPVwiLd1FxnuJNHBfbxQiaFMQGyxBNTWhowbI9Aqr6DBTJUn2Ql+K X-Received: by 10.152.7.37 with SMTP id g5mr7973765laa.22.1442853925660; Mon, 21 Sep 2015 09:45:25 -0700 (PDT) MIME-Version: 1.0 Received: by 10.25.199.138 with HTTP; Mon, 21 Sep 2015 09:45:06 -0700 (PDT) From: Joseph Lorenzo Hall Date: Mon, 21 Sep 2015 12:45:06 -0400 Message-ID: To: perpass Content-Type: text/plain; charset=UTF-8 Archived-At: Subject: [perpass] India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Sep 2015 16:45:29 -0000 Obviously, of relevance to those that will be at the IAB MARNEW workshop this week (although this isn't in any way specific to radio networks). * Everyone (all individuals and businesses) using encryption must store unencrypted content for 90 days * Government will dictate algorithms and key sizes * Possibility of a legally mandated backdoor Article from Daily Dot: http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ Text of the proposal (comments due 16 Oct.): https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 From nobody Mon Sep 21 10:07:41 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DFF9E1A92E0 for ; Mon, 21 Sep 2015 10:07:40 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.311 X-Spam-Level: X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e2Lgfklz8vHn for ; Mon, 21 Sep 2015 10:07:39 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 93B0D1A92B7 for ; Mon, 21 Sep 2015 10:07:39 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 478D8BE5C; Mon, 21 Sep 2015 18:07:38 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SoR9XCB-yLnJ; Mon, 21 Sep 2015 18:07:36 +0100 (IST) Received: from [10.87.48.73] (unknown [86.46.24.221]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 1913EBE38; Mon, 21 Sep 2015 18:07:36 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1442855256; bh=20R8C1x2mMNgOuh95CmZ/Y2ZXZ8dSawcQbgV8mNH3bc=; h=Subject:To:References:From:Date:In-Reply-To:From; b=q8RQ8MFaOTZqQvDt2n63BEhjFmryyPLrSxnHmP4lIeW04iy9viDnkcwirLgKtxTZx RKhuxP20n86vq9cp5r5umvAIKVMLGV/aHnS9qcJQqDqMrMVBLABxXYN4J/duqcbOux 3nPO2u8VPM3kXcN+z91VxhidciUvRGjbdYyJ2G30= To: Joseph Lorenzo Hall , perpass References: From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <56003957.9020308@cs.tcd.ie> Date: Mon, 21 Sep 2015 18:07:35 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [perpass] India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Sep 2015 17:07:41 -0000 Sheesh, there is so much wrong in that document. And they top it off by recommending RC4. Does anyone know if this is a policy that is likely to be enforced or one that'd be more honoured in the breach? S. On 21/09/15 17:45, Joseph Lorenzo Hall wrote: > Obviously, of relevance to those that will be at the IAB MARNEW > workshop this week (although this isn't in any way specific to radio > networks). > > * Everyone (all individuals and businesses) using encryption must > store unencrypted content for 90 days > * Government will dictate algorithms and key sizes > * Possibility of a legally mandated backdoor > > Article from Daily Dot: > http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ > > Text of the proposal (comments due 16 Oct.): > https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf > > From nobody Tue Sep 22 02:57:37 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BF71B1A1B2E for ; Tue, 22 Sep 2015 02:57:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kGhEIaHOe6pW for ; Tue, 22 Sep 2015 02:57:33 -0700 (PDT) Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2on0082.outbound.protection.outlook.com [65.55.169.82]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AFDF1A1A8B for ; Tue, 22 Sep 2015 02:57:33 -0700 (PDT) Received: from CY1PR0601MB1657.namprd06.prod.outlook.com (10.163.232.19) by CY1PR0601MB1660.namprd06.prod.outlook.com (10.163.232.22) with Microsoft SMTP Server (TLS) id 15.1.274.16; Tue, 22 Sep 2015 09:57:30 +0000 Received: from CY1PR0601MB1657.namprd06.prod.outlook.com ([10.163.232.19]) by CY1PR0601MB1657.namprd06.prod.outlook.com ([10.163.232.19]) with mapi id 15.01.0274.009; Tue, 22 Sep 2015 09:57:30 +0000 From: Dan York To: Stephen Farrell Thread-Topic: India withdraws encryption policy - Re: [perpass] India posed to require cleartext, cleartext retention, cipher and backdoor mandates Thread-Index: AQHQ9IzuEja2wYydg0a5INRrh1L0V55HNuuAgAEaJ4A= Date: Tue, 22 Sep 2015 09:57:28 +0000 Message-ID: References: <56003957.9020308@cs.tcd.ie> In-Reply-To: <56003957.9020308@cs.tcd.ie> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=york@isoc.org; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [74.69.229.215] x-microsoft-exchange-diagnostics: 1; CY1PR0601MB1660; 5:1Csi5oNdqT1PdOFaEGDx3mQZe/qvJuG28oqVf3Mlndi4+Ed1ft1HzuGguhgWwTnDFpCyUq5LjrwKWCRERmrOQ5i3TqiKwK7Mrm/Iqbw7utvJ6FJa8nmcqxfUEfFJSYcx5lNpP+cqzaNJXdaHacQzMw==; 24:7P7V53m3hiDeK1ZuoMTODr6Ec1fSR0DHt2ZKCKGFwZtelw4EaJ6QkwdNhoqOnOFgvIxA0v2gMJ3/3HvciaGe3KWYx6i+N8TeYRzjbZhkODg=; 20:D16dR4/bYbUfyALiZRX6y/OHGiYxBpGUmWb2TnLmFZzWVkMWBQRZVww0zuR2MrC/sn+M4Jve8u3s0PhdrPYTDw== x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:CY1PR0601MB1660; x-microsoft-antispam-prvs: x-exchange-antispam-report-test: UriScan:; x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(520078)(3002001); SRVR:CY1PR0601MB1660; BCL:0; PCL:0; RULEID:; SRVR:CY1PR0601MB1660; x-forefront-prvs: 0707248B64 x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(189002)(377454003)(479174004)(24454002)(199003)(5001960100002)(2950100001)(77096005)(77156002)(561944003)(5001830100001)(64706001)(66066001)(2900100001)(86362001)(82746002)(5002640100001)(68736005)(92566002)(105586002)(81156007)(102836002)(62966003)(110136002)(229853001)(4001540100001)(101416001)(46102003)(5001860100001)(106356001)(99286002)(10400500002)(19580395003)(5004730100002)(122556002)(19580405001)(16236675004)(15395725005)(33656002)(11100500001)(87936001)(19617315012)(50986999)(83716003)(54356999)(76176999)(97736004)(189998001)(15975445007)(36756003)(40100003)(5007970100001)(106116001)(104396002); DIR:OUT; SFP:1101; SCL:1; SRVR:CY1PR0601MB1660; H:CY1PR0601MB1657.namprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; received-spf: None (protection.outlook.com: isoc.org does not designate permitted sender hosts) spamdiagnosticoutput: 1:23 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_F13C24AF2A4F426C8600AEC4CF4979E1isocorg_" MIME-Version: 1.0 X-OriginatorOrg: isoc.org X-MS-Exchange-CrossTenant-originalarrivaltime: 22 Sep 2015 09:57:28.7484 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 89f84dfb-7285-4810-bc4d-8b9b5794554f X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0601MB1660 Archived-At: Cc: perpass , Joseph Lorenzo Hall Subject: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 09:57:36 -0000 --_000_F13C24AF2A4F426C8600AEC4CF4979E1isocorg_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable There was a significant amount of public outcry yesterday within India and = the latest news is that the government of India is apparently withdrawing t= he draft policy: http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draf= t-of-encryption-policy/articleshow/49057232.cms Prior to that the government agency involved had already issued an update s= aying that the draft policy would NOT apply to TLS in web commerce and soci= al media, messaging, etc. The update document seems to have been removed, = but is captured here by a news site: http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ Dan On Sep 21, 2015, at 1:07 PM, Stephen Farrell > wrote: Sheesh, there is so much wrong in that document. And they top it off by recommending RC4. Does anyone know if this is a policy that is likely to be enforced or one that'd be more honoured in the breach? S. On 21/09/15 17:45, Joseph Lorenzo Hall wrote: Obviously, of relevance to those that will be at the IAB MARNEW workshop this week (although this isn't in any way specific to radio networks). * Everyone (all individuals and businesses) using encryption must store unencrypted content for 90 days * Government will dictate algorithms and key sizes * Possibility of a legally mandated backdoor Article from Daily Dot: http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ Text of the proposal (comments due 16 Oct.): https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf _______________________________________________ perpass mailing list perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass -- Dan York Senior Content Strategist, Internet Society york@isoc.org +1-802-735-1624 Jabber: york@jabber.isoc.org Skype: danyork http://twitter.com/danyork http://www.internetsociety.org/ --_000_F13C24AF2A4F426C8600AEC4CF4979E1isocorg_ Content-Type: text/html; charset="us-ascii" Content-ID: <5E9AF59673EB9F44998CFE59596DB8BE@namprd06.prod.outlook.com> Content-Transfer-Encoding: quoted-printable
There was a significant amount of public outcry yesterday w= ithin India and the latest news is that the government of India is apparent= ly withdrawing the draft policy:

http= ://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of= -encryption-policy/articleshow/49057232.cms

Prior to that the government agency involved had already is= sued an update saying that the draft policy would NOT apply to TLS in web c= ommerce and social media, messaging, etc.  The update document seems t= o have been removed, but is captured here by a news site:


Dan

On Sep 21, 2015, at 1:07 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie= > wrote:


Sheesh, there is so much wrong in that document. And they
top it off by recommending RC4.

Does anyone know if this is a policy that is likely to be
enforced or one that'd be more honoured in the breach?

S.

On 21/09/15 17:45, Joseph Lorenzo Hall wrote:
Obviously, of relevance to those that = will be at the IAB MARNEW
workshop this week (although this isn't in any way specific to radio
networks).

* Everyone (all individuals and businesses) using encryption must
store unencrypted content for 90 days
* Government will dictate algorithms and key sizes
* Possibility of a legally mandated backdoor

Article from Daily Dot:
http://www.dailydot.com/politics/india-encryption-bac= kdoors-draft-policy/

Text of the proposal (comments due 16 Oct.):
https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf



_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass

--
Dan York
Senior Content Strategist, Int= ernet Society



--_000_F13C24AF2A4F426C8600AEC4CF4979E1isocorg_-- From nobody Tue Sep 22 03:20:13 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE1B61A1B6B for ; Tue, 22 Sep 2015 03:20:12 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.311 X-Spam-Level: X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gEsXgg4Wbxe5 for ; Tue, 22 Sep 2015 03:20:10 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 497DD1A1B6F for ; Tue, 22 Sep 2015 03:20:06 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id C0D4ABE49; Tue, 22 Sep 2015 11:20:04 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TdVdwqcGoeC1; Tue, 22 Sep 2015 11:20:01 +0100 (IST) Received: from [10.87.48.73] (unknown [86.46.24.221]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 4C315BE57; Tue, 22 Sep 2015 11:20:00 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1442917200; bh=ugrVQcZMrSd3pvXZnR4eX/hQkMJkZnVNcMd1Ak/4iMI=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=vewNLRQMonZdXTDUJTCNtbzIsDT/VTQ0BOX0N7pbyyl+TerUsDxKVBPcHTmZm4L+2 egOz40fJ5avzVJClnli4M73e4sBAofhGXxAVYGk2t2bFYhpLiEfpw3bN8InVDi/zAE u11/BAVkOopia84W44Esmq+jSQy6GMf4Mg6uExPo= To: Dan York References: <56003957.9020308@cs.tcd.ie> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= X-Enigmail-Draft-Status: N1110 Message-ID: <56012B4F.8000403@cs.tcd.ie> Date: Tue, 22 Sep 2015 11:19:59 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Archived-At: Cc: perpass , Joseph Lorenzo Hall Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 10:20:13 -0000 On 22/09/15 10:57, Dan York wrote: > There was a significant amount of public outcry yesterday within > India and the latest news is that the government of India is > apparently withdrawing the draft policy: > That was quick. Optimistically, it is good to see common sense breaking out a bit. And that maybe today's widespread use of TLS for very widely used services sort of protects crypto generally by making it more obviously a bad idea to muck with the internals. We here can continue to help improve that last part. A more pessimistic speculation would be this was a proposal some local securocrats [1] had sitting in a filing cabinet ready to be pulled out whenever they figured it was politically opportune. This time, they forgot to sanity-check that the content was still ok today before showing it off. Maybe they picked the wrong moment as well, not sure, but they definitely didn't do the sanity checks. In that case, they'd likely do better next time. It'd be mildly interesting if someone were to analyse the content to estimate when it might originally have been written. Cheers, S. [1] https://en.wiktionary.org/wiki/securocrat > http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms > > Prior to that the government agency involved had already issued an > update saying that the draft policy would NOT apply to TLS in web > commerce and social media, messaging, etc. The update document seems > to have been removed, but is captured here by a news site: > > http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ > > Dan > > On Sep 21, 2015, at 1:07 PM, Stephen Farrell > > wrote: > > > Sheesh, there is so much wrong in that document. And they top it off > by recommending RC4. > > Does anyone know if this is a policy that is likely to be enforced or > one that'd be more honoured in the breach? > > S. > > On 21/09/15 17:45, Joseph Lorenzo Hall wrote: Obviously, of relevance > to those that will be at the IAB MARNEW workshop this week (although > this isn't in any way specific to radio networks). > > * Everyone (all individuals and businesses) using encryption must > store unencrypted content for 90 days * Government will dictate > algorithms and key sizes * Possibility of a legally mandated > backdoor > > Article from Daily Dot: > http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ > > Text of the proposal (comments due 16 Oct.): > https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf > > > > _______________________________________________ perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass > > -- Dan York Senior Content Strategist, Internet Society > york@isoc.org +1-802-735-1624 Jabber: > york@jabber.isoc.org Skype: danyork > http://twitter.com/danyork > > http://www.internetsociety.org/ > > > > > > > > _______________________________________________ perpass mailing list > perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass > From nobody Tue Sep 22 04:49:15 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3EEB1A6EDB for ; Tue, 22 Sep 2015 04:49:13 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.377 X-Spam-Level: X-Spam-Status: No, score=-1.377 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OgnYoPkwG2WF for ; Tue, 22 Sep 2015 04:49:12 -0700 (PDT) Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 997441A21C3 for ; Tue, 22 Sep 2015 04:49:11 -0700 (PDT) Received: by lagj9 with SMTP id j9so8754673lag.2 for ; Tue, 22 Sep 2015 04:49:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=zOLoebbJyng1EcHPXGG1/WHxarRp3i6ESjRusZZRwKg=; b=s+2JfLle5QKOtQBIXHmGfxFnNlpLlExvLl8lzepWWYPSHhKCjL5ej/rqgEtrngVaNw C7uuQ2bTEWuFgdKBZRIFlNBvY34xoAB/dGiJrTL4FL+XIWhCtva5RwpgE3ISJPU7GTre PQdiJKazP33kMZJ8UH882HqrejE+aeS7ME1ZE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=zOLoebbJyng1EcHPXGG1/WHxarRp3i6ESjRusZZRwKg=; b=BUGv8TdUbgHmlHq9L6KSTto+N78x7xhW/Xxf7u9MA8qvKBRxbXWCysVGwcrFt4xmLs M9sUQoPCUuWI1dIoSAyB2laFWtasGC0tpsiHlBL+iJJP6y5AOUFiumOhSNLCwD7684OD m2Hu3NDAbVyFdUhCPFuinRMRBnFv35qSrBULp/0p8RzZqWgkppmBnJF0FyHi4LoDJ1Oc EttCPbsJrekXU0i5/0Sv+AbU0/r5r24U+fv6kiKB05SaUlw8VR+9UADwmRQ9lU2D4stk XIj6AlfOLF/yLQkNyYOVksBNnJKHD/zAek1QDY9NDotYWBSrJ2g0AhsuteldgZhdGpqQ OpHg== X-Gm-Message-State: ALoCoQlySkX+hzL26u+TuqYu9eS9r7H1XeoR6HhgSouXBmnCeqWWbDZUoMIjCwEHR0fYva4QbrVf MIME-Version: 1.0 X-Received: by 10.152.179.40 with SMTP id dd8mr9311652lac.119.1442922549205; Tue, 22 Sep 2015 04:49:09 -0700 (PDT) Received: by 10.25.199.138 with HTTP; Tue, 22 Sep 2015 04:49:09 -0700 (PDT) In-Reply-To: References: <56003957.9020308@cs.tcd.ie> Date: Tue, 22 Sep 2015 07:49:09 -0400 Message-ID: From: Joseph Lorenzo Hall To: Dan York Content-Type: multipart/alternative; boundary=001a113433eefbf68c0520549583 Archived-At: Cc: perpass , Stephen Farrell Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 11:49:14 -0000 --001a113433eefbf68c0520549583 Content-Type: text/plain; charset=UTF-8 I'm not so sure we should take comfort in their withdrawal of the policy as all reports are that they are revising and reissuing... We'll see what the next iteration involves! On Tuesday, September 22, 2015, Dan York wrote: > There was a significant amount of public outcry yesterday within India and > the latest news is that the government of India is apparently withdrawing > the draft policy: > > > http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms > > Prior to that the government agency involved had already issued an update > saying that the draft policy would NOT apply to TLS in web commerce and > social media, messaging, etc. The update document seems to have been > removed, but is captured here by a news site: > > http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ > > Dan > > On Sep 21, 2015, at 1:07 PM, Stephen Farrell > wrote: > > > Sheesh, there is so much wrong in that document. And they > top it off by recommending RC4. > > Does anyone know if this is a policy that is likely to be > enforced or one that'd be more honoured in the breach? > > S. > > On 21/09/15 17:45, Joseph Lorenzo Hall wrote: > > Obviously, of relevance to those that will be at the IAB MARNEW > workshop this week (although this isn't in any way specific to radio > networks). > > * Everyone (all individuals and businesses) using encryption must > store unencrypted content for 90 days > * Government will dictate algorithms and key sizes > * Possibility of a legally mandated backdoor > > Article from Daily Dot: > http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ > > Text of the proposal (comments due 16 Oct.): > https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf > > > > _______________________________________________ > perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass > > > -- > Dan York > Senior Content Strategist, Internet Society > york@isoc.org > +1-802-735-1624 > Jabber: york@jabber.isoc.org > > Skype: danyork http://twitter.com/danyork > > http://www.internetsociety.org/ > > > > > -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 --001a113433eefbf68c0520549583 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable I'm not so sure we should take comfort in their withdrawal of the polic= y as all reports=C2=A0are that they are revising and reissuing= ... We'll see what the next iteration involves!

On Tuesday, Sept= ember 22, 2015, Dan York <york@isoc.org= > wrote:
There was a significant amount of public outcry yesterday within India= and the latest news is that the government of India is apparently withdraw= ing the draft policy:

http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-d= raft-of-encryption-policy/articleshow/49057232.cms

Prior to that the government agency involved had already issued an upd= ate saying that the draft policy would NOT apply to TLS in web commerce and= social media, messaging, etc.=C2=A0 The update document seems to have been= removed, but is captured here by a news site:


Dan

On Sep 21, 2015, at 1:07 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:


Sheesh, there is so much wrong in that document. And they
top it off by recommending RC4.

Does anyone know if this is a policy that is likely to be
enforced or one that'd be more honoured in the breach?

S.

On 21/09/15 17:45, Joseph Lorenzo Hall wrote:
Obviously, of relevance to those that will be at = the IAB MARNEW
workshop this week (although this isn't in any way specific to radio networks).

* Everyone (all individuals and businesses) using encryption must
store unencrypted content for 90 days
* Government will dictate algorithms and key sizes
* Possibility of a legally mandated backdoor

Article from Daily Dot:
http://www.dailydot.com/politics/india-encrypt= ion-backdoors-draft-policy/

Text of the proposal (comments due 16 Oct.):
https://info.publicintelligence.net/IN-DraftEncryptionP= olicy.pdf



_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass

--
Dan York
Senior Content Strategist, Internet Socie= ty
york@isoc.org=C2=A0= =C2=A0 +1-802-735-1624
Jabber:=C2=A0york= @jabber.isoc.org=C2=A0
Skype: danyork =C2=A0=C2=A0http://twitter.com/danyork






--
Joseph Lorenzo Hall
=
Chief Technologist
Center for Democracy & Technology
1634 I ST NW STE 1100
Washington DC 20006-4011=C2=A0
=
(p) 202-407-8825
(f) 202-637-0968
fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 =C2=A01607 5F86 6= 987 40A9 A871



--001a113433eefbf68c0520549583-- From nobody Tue Sep 22 04:58:18 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EBA911A6EF9 for ; Tue, 22 Sep 2015 04:58:16 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.011 X-Spam-Level: X-Spam-Status: No, score=-1.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_NEUTRAL=0.779, T_DKIM_INVALID=0.01] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nY1j_cVjGKm6 for ; Tue, 22 Sep 2015 04:58:15 -0700 (PDT) Received: from biz104.inmotionhosting.com (biz104.inmotionhosting.com [74.124.215.108]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 40EE31A6EDE for ; Tue, 22 Sep 2015 04:58:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=standardstrack.com; s=default; h=Content-Type:MIME-Version:To:From:Message-ID:Subject:Date; bh=G8IP9tBZwnunL6FKIUI23P6kCH739AV74HUxzYcXWYQ=; b=P9uEgy48WoIdigOJzkklMWDCVoFbSKo/+pbBS5/Uw5FyaV70jOsFhKeCKwU80sfFmLN0YZgVLFvSXKimcToAz/neKFaJ4XzSdEotfXyS6xaAZsmOsfE6xeoUSNRnq7Ua/mJjjN0Yk8d5a7vtYVo/qVgSqp4e3/rT023cSozQ7I0=; Received: from 122.sub-70-192-198.myvzw.com ([70.192.198.122]:6391 helo=[100.77.108.11]) by biz104.inmotionhosting.com with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.85) (envelope-from ) id 1ZeMD0-0005by-Vn for perpass@ietf.org; Tue, 22 Sep 2015 04:58:14 -0700 Date: Tue, 22 Sep 2015 07:58:04 -0400 Message-ID: Importance: normal From: Eric Burger To: perpass MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="--_com.android.email_3206973088857840" X-OutGoing-Spam-Status: No, score=-2.9 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - biz104.inmotionhosting.com X-AntiAbuse: Original Domain - ietf.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - standardstrack.com X-Get-Message-Sender-Via: biz104.inmotionhosting.com: authenticated_id: eburger+standardstrack.com/only user confirmed/virtual account not confirmed Archived-At: Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 11:58:17 -0000 ----_com.android.email_3206973088857840 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: base64 CiAgICAKSSBhbHNvIHdvdWxkIG5vdCByZXN0IGVhc3kuIFRoZXkgY2FtZSB1cCB3aXRoIGEgcG90 ZW50aWFsIG1vZGVsIHRvIGhhdmUgc2VjdXJlIGVuY3J5cHRpb24gYW5kIG5vIHNlY3VyaXR5LiBT dXJlIC0geW91IGNhbiBoYXZlIHN0cm9uZywgYmFjayBkb29ybGVzcyBlbmNyeXB0aW9uLiBZb3Ug anVzdCBjYW5ub3Qgc3RvcmUgdGhlIGluZm9ybWF0aW9uIHNlY3VyZWx5wqAKCgpTZW50IGZyb20g bXkgbW9iaWxlIGRldmljZS4gVGhhbmtzIGJlIHRvIExFTU9OQURFOiBodHRwOi8vd3d3LnN0YW5k YXJkc3RyYWNrLmNvbS9pZXRmL2xlbW9uYWRlCgotLS0tLS0tLSBPcmlnaW5hbCBtZXNzYWdlIC0t LS0tLS0tCkZyb206IEpvc2VwaCBMb3JlbnpvIEhhbGwgPGpvZUBjZHQub3JnPiAKRGF0ZTogMDkv MjIvMjAxNSAgNzo0OSBBTSAgKEdNVC0wNTowMCkgClRvOiBEYW4gWW9yayA8eW9ya0Bpc29jLm9y Zz4gCkNjOiBwZXJwYXNzIDxwZXJwYXNzQGlldGYub3JnPiwgU3RlcGhlbiBGYXJyZWxsIDxzdGVw aGVuLmZhcnJlbGxAY3MudGNkLmllPiAKU3ViamVjdDogUmU6IFtwZXJwYXNzXSBJbmRpYSB3aXRo ZHJhd3MgZW5jcnlwdGlvbiBwb2xpY3kgLSBSZTogSW5kaWEgcG9zZWQgdG8gcmVxdWlyZSBjbGVh cnRleHQsIGNsZWFydGV4dCByZXRlbnRpb24sIGNpcGhlciBhbmQgYmFja2Rvb3IgbWFuZGF0ZXMg CgpJJ20gbm90IHNvIHN1cmUgd2Ugc2hvdWxkIHRha2UgY29tZm9ydCBpbiB0aGVpciB3aXRoZHJh d2FsIG9mIHRoZSBwb2xpY3kgYXMgYWxsIHJlcG9ydHPCoGFyZSB0aGF0IHRoZXkgYXJlIHJldmlz aW5nIGFuZCByZWlzc3VpbmcuLi4gV2UnbGwgc2VlIHdoYXQgdGhlIG5leHQgaXRlcmF0aW9uIGlu dm9sdmVzIQoKT24gVHVlc2RheSwgU2VwdGVtYmVyIDIyLCAyMDE1LCBEYW4gWW9yayA8eW9ya0Bp c29jLm9yZz4gd3JvdGU6CgoKCgoKVGhlcmUgd2FzIGEgc2lnbmlmaWNhbnQgYW1vdW50IG9mIHB1 YmxpYyBvdXRjcnkgeWVzdGVyZGF5IHdpdGhpbiBJbmRpYSBhbmQgdGhlIGxhdGVzdCBuZXdzIGlz IHRoYXQgdGhlIGdvdmVybm1lbnQgb2YgSW5kaWEgaXMgYXBwYXJlbnRseSB3aXRoZHJhd2luZyB0 aGUgZHJhZnQgcG9saWN5OgoKCgpodHRwOi8vdGltZXNvZmluZGlhLmluZGlhdGltZXMuY29tL3Rl Y2gvdGVjaC1uZXdzL0dvdmVybm1lbnQtd2l0aGRyYXdzLWRyYWZ0LW9mLWVuY3J5cHRpb24tcG9s aWN5L2FydGljbGVzaG93LzQ5MDU3MjMyLmNtcwoKCgpQcmlvciB0byB0aGF0IHRoZSBnb3Zlcm5t ZW50IGFnZW5jeSBpbnZvbHZlZCBoYWQgYWxyZWFkeSBpc3N1ZWQgYW4gdXBkYXRlIHNheWluZyB0 aGF0IHRoZSBkcmFmdCBwb2xpY3kgd291bGQgTk9UIGFwcGx5IHRvIFRMUyBpbiB3ZWIgY29tbWVy Y2UgYW5kIHNvY2lhbCBtZWRpYSwgbWVzc2FnaW5nLCBldGMuwqAgVGhlIHVwZGF0ZSBkb2N1bWVu dCBzZWVtcyB0byBoYXZlIGJlZW4gcmVtb3ZlZCwgYnV0IGlzIGNhcHR1cmVkIGhlcmUKIGJ5IGEg bmV3cyBzaXRlOgoKCgpodHRwOi8vd3d3Lm1lZGlhbmFtYS5jb20vMjAxNS8wOS8yMjMtaW5kaWEt ZHJhZnQtZW5jcnlwdGlvbi1wb2xpY3kvCgoKCkRhbgoKCgoKCk9uIFNlcCAyMSwgMjAxNSwgYXQg MTowNyBQTSwgU3RlcGhlbiBGYXJyZWxsIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPiB3cm90 ZToKCgoKClNoZWVzaCwgdGhlcmUgaXMgc28gbXVjaCB3cm9uZyBpbiB0aGF0IGRvY3VtZW50LiBB bmQgdGhleQoKdG9wIGl0IG9mZiBieSByZWNvbW1lbmRpbmcgUkM0LgoKCgpEb2VzIGFueW9uZSBr bm93IGlmIHRoaXMgaXMgYSBwb2xpY3kgdGhhdCBpcyBsaWtlbHkgdG8gYmUKCmVuZm9yY2VkIG9y IG9uZSB0aGF0J2QgYmUgbW9yZSBob25vdXJlZCBpbiB0aGUgYnJlYWNoPwoKCgpTLgoKCgpPbiAy MS8wOS8xNSAxNzo0NSwgSm9zZXBoIExvcmVuem8gSGFsbCB3cm90ZToKCk9idmlvdXNseSwgb2Yg cmVsZXZhbmNlIHRvIHRob3NlIHRoYXQgd2lsbCBiZSBhdCB0aGUgSUFCIE1BUk5FVwoKd29ya3No b3AgdGhpcyB3ZWVrIChhbHRob3VnaCB0aGlzIGlzbid0IGluIGFueSB3YXkgc3BlY2lmaWMgdG8g cmFkaW8KCm5ldHdvcmtzKS4KCgoKKiBFdmVyeW9uZSAoYWxsIGluZGl2aWR1YWxzIGFuZCBidXNp bmVzc2VzKSB1c2luZyBlbmNyeXB0aW9uIG11c3QKCnN0b3JlIHVuZW5jcnlwdGVkIGNvbnRlbnQg Zm9yIDkwIGRheXMKCiogR292ZXJubWVudCB3aWxsIGRpY3RhdGUgYWxnb3JpdGhtcyBhbmQga2V5 IHNpemVzCgoqIFBvc3NpYmlsaXR5IG9mIGEgbGVnYWxseSBtYW5kYXRlZCBiYWNrZG9vcgoKCgpB cnRpY2xlIGZyb20gRGFpbHkgRG90OgoKaHR0cDovL3d3dy5kYWlseWRvdC5jb20vcG9saXRpY3Mv aW5kaWEtZW5jcnlwdGlvbi1iYWNrZG9vcnMtZHJhZnQtcG9saWN5LwoKCgpUZXh0IG9mIHRoZSBw cm9wb3NhbCAoY29tbWVudHMgZHVlIDE2IE9jdC4pOgoKaHR0cHM6Ly9pbmZvLnB1YmxpY2ludGVs bGlnZW5jZS5uZXQvSU4tRHJhZnRFbmNyeXB0aW9uUG9saWN5LnBkZgoKCgoKCgoKCl9fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fCgpwZXJwYXNzIG1haWxpbmcg bGlzdAoKcGVycGFzc0BpZXRmLm9yZwoKaHR0cHM6Ly93d3cuaWV0Zi5vcmcvbWFpbG1hbi9saXN0 aW5mby9wZXJwYXNzCgoKCgoKCgoKCgotLQoKRGFuIFlvcmsKClNlbmlvciBDb250ZW50IFN0cmF0 ZWdpc3QsIEludGVybmV0IFNvY2lldHkKCnlvcmtAaXNvYy5vcmfCoMKgICsxLTgwMi03MzUtMTYy NAoKSmFiYmVyOsKgeW9ya0BqYWJiZXIuaXNvYy5vcmfCoAoKU2t5cGU6IGRhbnlvcmsgwqDCoGh0 dHA6Ly90d2l0dGVyLmNvbS9kYW55b3JrCgoKCgoKaHR0cDovL3d3dy5pbnRlcm5ldHNvY2lldHku b3JnLwoKCgoKCgoKCgoKCgoKCgotLSAKSm9zZXBoIExvcmVuem8gSGFsbENoaWVmIFRlY2hub2xv Z2lzdENlbnRlciBmb3IgRGVtb2NyYWN5ICYgVGVjaG5vbG9neTE2MzQgSSBTVCBOVyBTVEUgMTEw MFdhc2hpbmd0b24gREMgMjAwMDYtNDAxMcKgKHApIDIwMi00MDctODgyNShmKSAyMDItNjM3LTA5 Njhqb2VAY2R0Lm9yZ1BHUDogaHR0cHM6Ly9qb3NlcGhoYWxsLm9yZy9ncGcta2V5ZmluZ2VycHJp bnQ6IDNDQTIgOEQ3QiA5RjZEIERCRDMgNEIxMCDCoDE2MDcgNUY4NiA2OTg3IDQwQTkgQTg3MQoK Cgo= ----_com.android.email_3206973088857840 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: base64 PGh0bWw+PGhlYWQ+PG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0 L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPjwvaGVhZD48Ym9keT4KICAgIAo8ZGl2PkkgYWxzbyB3b3Vs ZCBub3QgcmVzdCBlYXN5LiBUaGV5IGNhbWUgdXAgd2l0aCBhIHBvdGVudGlhbCBtb2RlbCB0byBo YXZlIHNlY3VyZSBlbmNyeXB0aW9uIGFuZCBubyBzZWN1cml0eS4gU3VyZSAtIHlvdSBjYW4gaGF2 ZSBzdHJvbmcsIGJhY2sgZG9vcmxlc3MgZW5jcnlwdGlvbi4gWW91IGp1c3QgY2Fubm90IHN0b3Jl IHRoZSBpbmZvcm1hdGlvbiBzZWN1cmVseSZuYnNwOzwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+ PGJyPjwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXYgaWQ9ImNvbXBvc2VyX3NpZ25hdHVyZSI+U2Vu dCBmcm9tIG15IG1vYmlsZSBkZXZpY2UuIFRoYW5rcyBiZSB0byBMRU1PTkFERTogaHR0cDovL3d3 dy5zdGFuZGFyZHN0cmFjay5jb20vaWV0Zi9sZW1vbmFkZTwvZGl2Pjxicj48YnI+LS0tLS0tLS0g T3JpZ2luYWwgbWVzc2FnZSAtLS0tLS0tLTxicj5Gcm9tOiBKb3NlcGggTG9yZW56byBIYWxsICZs dDtqb2VAY2R0Lm9yZyZndDsgPGJyPkRhdGU6IDA5LzIyLzIwMTUgIDc6NDkgQU0gIChHTVQtMDU6 MDApIDxicj5UbzogRGFuIFlvcmsgJmx0O3lvcmtAaXNvYy5vcmcmZ3Q7IDxicj5DYzogcGVycGFz cyAmbHQ7cGVycGFzc0BpZXRmLm9yZyZndDssIFN0ZXBoZW4gRmFycmVsbCAmbHQ7c3RlcGhlbi5m YXJyZWxsQGNzLnRjZC5pZSZndDsgPGJyPlN1YmplY3Q6IFJlOiBbcGVycGFzc10gSW5kaWEgd2l0 aGRyYXdzIGVuY3J5cHRpb24gcG9saWN5IC0gUmU6IEluZGlhIHBvc2VkIHRvIHJlcXVpcmUgY2xl YXJ0ZXh0LCBjbGVhcnRleHQgcmV0ZW50aW9uLCBjaXBoZXIgYW5kIGJhY2tkb29yIG1hbmRhdGVz IDxicj48YnI+SSdtIG5vdCBzbyBzdXJlIHdlIHNob3VsZCB0YWtlIGNvbWZvcnQgaW4gdGhlaXIg d2l0aGRyYXdhbCBvZiB0aGUgcG9saWN5IGFzIGFsbCByZXBvcnRzPHNwYW4+PC9zcGFuPiZuYnNw O2FyZSB0aGF0IHRoZXkgYXJlIHJldmlzaW5nIGFuZCByZWlzc3VpbmcuLi4gV2UnbGwgc2VlIHdo YXQgdGhlIG5leHQgaXRlcmF0aW9uIGludm9sdmVzITxicj48YnI+T24gVHVlc2RheSwgU2VwdGVt YmVyIDIyLCAyMDE1LCBEYW4gWW9yayAmbHQ7PGEgaHJlZj0ibWFpbHRvOnlvcmtAaXNvYy5vcmci PnlvcmtAaXNvYy5vcmc8L2E+Jmd0OyB3cm90ZTo8YnI+PGJsb2NrcXVvdGUgY2xhc3M9ImdtYWls X3F1b3RlIiBzdHlsZT0ibWFyZ2luOjAgMCAwIC44ZXg7Ym9yZGVyLWxlZnQ6MXB4ICNjY2Mgc29s aWQ7cGFkZGluZy1sZWZ0OjFleCI+CgoKCjxkaXYgc3R5bGU9IndvcmQtd3JhcDpicmVhay13b3Jk Ij4KPGRpdj5UaGVyZSB3YXMgYSBzaWduaWZpY2FudCBhbW91bnQgb2YgcHVibGljIG91dGNyeSB5 ZXN0ZXJkYXkgd2l0aGluIEluZGlhIGFuZCB0aGUgbGF0ZXN0IG5ld3MgaXMgdGhhdCB0aGUgZ292 ZXJubWVudCBvZiBJbmRpYSBpcyBhcHBhcmVudGx5IHdpdGhkcmF3aW5nIHRoZSBkcmFmdCBwb2xp Y3k6PC9kaXY+CjxkaXY+PGJyPgo8L2Rpdj4KPGEgaHJlZj0iaHR0cDovL3RpbWVzb2ZpbmRpYS5p bmRpYXRpbWVzLmNvbS90ZWNoL3RlY2gtbmV3cy9Hb3Zlcm5tZW50LXdpdGhkcmF3cy1kcmFmdC1v Zi1lbmNyeXB0aW9uLXBvbGljeS9hcnRpY2xlc2hvdy80OTA1NzIzMi5jbXMiIHRhcmdldD0iX2Js YW5rIj5odHRwOi8vdGltZXNvZmluZGlhLmluZGlhdGltZXMuY29tL3RlY2gvdGVjaC1uZXdzL0dv dmVybm1lbnQtd2l0aGRyYXdzLWRyYWZ0LW9mLWVuY3J5cHRpb24tcG9saWN5L2FydGljbGVzaG93 LzQ5MDU3MjMyLmNtczwvYT4KPGRpdj48YnI+CjwvZGl2Pgo8ZGl2PlByaW9yIHRvIHRoYXQgdGhl IGdvdmVybm1lbnQgYWdlbmN5IGludm9sdmVkIGhhZCBhbHJlYWR5IGlzc3VlZCBhbiB1cGRhdGUg c2F5aW5nIHRoYXQgdGhlIGRyYWZ0IHBvbGljeSB3b3VsZCBOT1QgYXBwbHkgdG8gVExTIGluIHdl YiBjb21tZXJjZSBhbmQgc29jaWFsIG1lZGlhLCBtZXNzYWdpbmcsIGV0Yy4mbmJzcDsgVGhlIHVw ZGF0ZSBkb2N1bWVudCBzZWVtcyB0byBoYXZlIGJlZW4gcmVtb3ZlZCwgYnV0IGlzIGNhcHR1cmVk IGhlcmUKIGJ5IGEgbmV3cyBzaXRlOjwvZGl2Pgo8ZGl2Pjxicj4KPC9kaXY+CjxkaXY+PGEgaHJl Zj0iaHR0cDovL3d3dy5tZWRpYW5hbWEuY29tLzIwMTUvMDkvMjIzLWluZGlhLWRyYWZ0LWVuY3J5 cHRpb24tcG9saWN5LyIgdGFyZ2V0PSJfYmxhbmsiPmh0dHA6Ly93d3cubWVkaWFuYW1hLmNvbS8y MDE1LzA5LzIyMy1pbmRpYS1kcmFmdC1lbmNyeXB0aW9uLXBvbGljeS88L2E+PC9kaXY+CjxkaXY+ PGJyPgo8L2Rpdj4KPGRpdj5EYW48YnI+CjxkaXY+PGJyPgo8ZGl2Pgo8YmxvY2txdW90ZSB0eXBl PSJjaXRlIj4KPGRpdj5PbiBTZXAgMjEsIDIwMTUsIGF0IDE6MDcgUE0sIFN0ZXBoZW4gRmFycmVs bCAmbHQ7PGEgaHJlZj0iamF2YXNjcmlwdDpfZSglN0IlN0QsJ2N2bWwnLCdzdGVwaGVuLmZhcnJl bGxAY3MudGNkLmllJyk7IiB0YXJnZXQ9Il9ibGFuayI+c3RlcGhlbi5mYXJyZWxsQGNzLnRjZC5p ZTwvYT4mZ3Q7IHdyb3RlOjwvZGl2Pgo8YnI+CjxkaXY+PGJyPgpTaGVlc2gsIHRoZXJlIGlzIHNv IG11Y2ggd3JvbmcgaW4gdGhhdCBkb2N1bWVudC4gQW5kIHRoZXk8YnI+CnRvcCBpdCBvZmYgYnkg cmVjb21tZW5kaW5nIFJDNC48YnI+Cjxicj4KRG9lcyBhbnlvbmUga25vdyBpZiB0aGlzIGlzIGEg cG9saWN5IHRoYXQgaXMgbGlrZWx5IHRvIGJlPGJyPgplbmZvcmNlZCBvciBvbmUgdGhhdCdkIGJl IG1vcmUgaG9ub3VyZWQgaW4gdGhlIGJyZWFjaD88YnI+Cjxicj4KUy48YnI+Cjxicj4KT24gMjEv MDkvMTUgMTc6NDUsIEpvc2VwaCBMb3JlbnpvIEhhbGwgd3JvdGU6PGJyPgo8YmxvY2txdW90ZSB0 eXBlPSJjaXRlIj5PYnZpb3VzbHksIG9mIHJlbGV2YW5jZSB0byB0aG9zZSB0aGF0IHdpbGwgYmUg YXQgdGhlIElBQiBNQVJORVc8YnI+CndvcmtzaG9wIHRoaXMgd2VlayAoYWx0aG91Z2ggdGhpcyBp c24ndCBpbiBhbnkgd2F5IHNwZWNpZmljIHRvIHJhZGlvPGJyPgpuZXR3b3JrcykuPGJyPgo8YnI+ CiogRXZlcnlvbmUgKGFsbCBpbmRpdmlkdWFscyBhbmQgYnVzaW5lc3NlcykgdXNpbmcgZW5jcnlw dGlvbiBtdXN0PGJyPgpzdG9yZSB1bmVuY3J5cHRlZCBjb250ZW50IGZvciA5MCBkYXlzPGJyPgoq IEdvdmVybm1lbnQgd2lsbCBkaWN0YXRlIGFsZ29yaXRobXMgYW5kIGtleSBzaXplczxicj4KKiBQ b3NzaWJpbGl0eSBvZiBhIGxlZ2FsbHkgbWFuZGF0ZWQgYmFja2Rvb3I8YnI+Cjxicj4KQXJ0aWNs ZSBmcm9tIERhaWx5IERvdDo8YnI+CjxhIGhyZWY9Imh0dHA6Ly93d3cuZGFpbHlkb3QuY29tL3Bv bGl0aWNzL2luZGlhLWVuY3J5cHRpb24tYmFja2Rvb3JzLWRyYWZ0LXBvbGljeS8iIHRhcmdldD0i X2JsYW5rIj5odHRwOi8vd3d3LmRhaWx5ZG90LmNvbS9wb2xpdGljcy9pbmRpYS1lbmNyeXB0aW9u LWJhY2tkb29ycy1kcmFmdC1wb2xpY3kvPC9hPjxicj4KPGJyPgpUZXh0IG9mIHRoZSBwcm9wb3Nh bCAoY29tbWVudHMgZHVlIDE2IE9jdC4pOjxicj4KPGEgaHJlZj0iaHR0cHM6Ly9pbmZvLnB1Ymxp Y2ludGVsbGlnZW5jZS5uZXQvSU4tRHJhZnRFbmNyeXB0aW9uUG9saWN5LnBkZiIgdGFyZ2V0PSJf YmxhbmsiPmh0dHBzOi8vaW5mby5wdWJsaWNpbnRlbGxpZ2VuY2UubmV0L0lOLURyYWZ0RW5jcnlw dGlvblBvbGljeS5wZGY8L2E+PGJyPgo8YnI+Cjxicj4KPC9ibG9ja3F1b3RlPgo8YnI+Cl9fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fPGJyPgpwZXJwYXNzIG1h aWxpbmcgbGlzdDxicj4KPGEgaHJlZj0iamF2YXNjcmlwdDpfZSglN0IlN0QsJ2N2bWwnLCdwZXJw YXNzQGlldGYub3JnJyk7IiB0YXJnZXQ9Il9ibGFuayI+cGVycGFzc0BpZXRmLm9yZzwvYT48YnI+ CjxhIGhyZWY9Imh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vcGVycGFzcyIg dGFyZ2V0PSJfYmxhbmsiPmh0dHBzOi8vd3d3LmlldGYub3JnL21haWxtYW4vbGlzdGluZm8vcGVy cGFzczwvYT48YnI+CjwvZGl2Pgo8L2Jsb2NrcXVvdGU+CjwvZGl2Pgo8YnI+CjxkaXY+CjxkaXYg c3R5bGU9ImNvbG9yOnJnYigwLDAsMCk7bGV0dGVyLXNwYWNpbmc6bm9ybWFsO3RleHQtYWxpZ246 c3RhcnQ7dGV4dC1pbmRlbnQ6MHB4O3RleHQtdHJhbnNmb3JtOm5vbmU7d2hpdGUtc3BhY2U6bm9y bWFsO3dvcmQtc3BhY2luZzowcHg7d29yZC13cmFwOmJyZWFrLXdvcmQiPgo8ZGl2Pgo8ZGl2IHN0 eWxlPSJmb250LWZhbWlseTpDYWxpYnJpLHNhbnMtc2VyaWY7Zm9udC1zaXplOjE0cHg7YmFja2dy b3VuZC1jb2xvcjpyZ2IoMjU1LDI1NSwyNTUpIj4KLS08L2Rpdj4KPGRpdiBzdHlsZT0iZm9udC1m YW1pbHk6Q2FsaWJyaSxzYW5zLXNlcmlmO2ZvbnQtc2l6ZToxNHB4O2JhY2tncm91bmQtY29sb3I6 cmdiKDI1NSwyNTUsMjU1KSI+Cjxmb250IGZhY2U9IkNhbGlicmksc2Fucy1zZXJpZiI+RGFuIFlv cms8L2ZvbnQ+PC9kaXY+CjxkaXYgc3R5bGU9ImZvbnQtZmFtaWx5OkNhbGlicmksc2Fucy1zZXJp Zjtmb250LXNpemU6MTRweDtiYWNrZ3JvdW5kLWNvbG9yOnJnYigyNTUsMjU1LDI1NSkiPgo8Zm9u dCBmYWNlPSJDYWxpYnJpLHNhbnMtc2VyaWYiPlNlbmlvciBDb250ZW50IFN0cmF0ZWdpc3QsIElu dGVybmV0IFNvY2lldHk8L2ZvbnQ+PC9kaXY+CjxkaXYgc3R5bGU9ImZvbnQtZmFtaWx5OkNhbGli cmksc2Fucy1zZXJpZjtmb250LXNpemU6MTRweDtiYWNrZ3JvdW5kLWNvbG9yOnJnYigyNTUsMjU1 LDI1NSkiPgo8Zm9udCBmYWNlPSJDYWxpYnJpLHNhbnMtc2VyaWYiPjxhIGhyZWY9ImphdmFzY3Jp cHQ6X2UoJTdCJTdELCdjdm1sJywneW9ya0Bpc29jLm9yZycpOyIgdGFyZ2V0PSJfYmxhbmsiPnlv cmtAaXNvYy5vcmc8L2E+Jm5ic3A7Jm5ic3A7ICsxLTgwMi03MzUtMTYyNDwvZm9udD48L2Rpdj4K PGRpdiBzdHlsZT0iZm9udC1mYW1pbHk6Q2FsaWJyaSxzYW5zLXNlcmlmO2ZvbnQtc2l6ZToxNHB4 O2JhY2tncm91bmQtY29sb3I6cmdiKDI1NSwyNTUsMjU1KSI+Cjxmb250IGZhY2U9IkNhbGlicmks c2Fucy1zZXJpZiI+SmFiYmVyOiZuYnNwOzxhIGhyZWY9ImphdmFzY3JpcHQ6X2UoJTdCJTdELCdj dm1sJywneW9ya0BqYWJiZXIuaXNvYy5vcmcnKTsiIHRhcmdldD0iX2JsYW5rIj55b3JrQGphYmJl ci5pc29jLm9yZzwvYT4mbmJzcDs8L2ZvbnQ+PC9kaXY+CjxkaXYgc3R5bGU9ImZvbnQtZmFtaWx5 OkNhbGlicmksc2Fucy1zZXJpZjtmb250LXNpemU6MTRweDtiYWNrZ3JvdW5kLWNvbG9yOnJnYigy NTUsMjU1LDI1NSkiPgo8Zm9udCBmYWNlPSJDYWxpYnJpLHNhbnMtc2VyaWYiPlNreXBlOiBkYW55 b3JrICZuYnNwOyZuYnNwOzxhIGhyZWY9Imh0dHA6Ly90d2l0dGVyLmNvbS9kYW55b3JrIiB0YXJn ZXQ9Il9ibGFuayI+aHR0cDovL3R3aXR0ZXIuY29tL2Rhbnlvcms8L2E+PC9mb250PjwvZGl2Pgo8 ZGl2IHN0eWxlPSJmb250LWZhbWlseTpDYWxpYnJpLHNhbnMtc2VyaWY7Zm9udC1zaXplOjE0cHg7 YmFja2dyb3VuZC1jb2xvcjpyZ2IoMjU1LDI1NSwyNTUpIj4KPGZvbnQgZmFjZT0iQ2FsaWJyaSxz YW5zLXNlcmlmIj48YnI+CjwvZm9udD48L2Rpdj4KPGRpdiBzdHlsZT0iZm9udC1mYW1pbHk6Q2Fs aWJyaSxzYW5zLXNlcmlmO2ZvbnQtc2l6ZToxNHB4O2JhY2tncm91bmQtY29sb3I6cmdiKDI1NSwy NTUsMjU1KSI+Cjxmb250IGZhY2U9IkNhbGlicmksc2Fucy1zZXJpZiI+PGEgaHJlZj0iaHR0cDov L3d3dy5pbnRlcm5ldHNvY2lldHkub3JnL2RlcGxveTM2MC8iIHRhcmdldD0iX2JsYW5rIj5odHRw Oi8vd3d3LmludGVybmV0c29jaWV0eS5vcmcvPC9hPjwvZm9udD48L2Rpdj4KPC9kaXY+CjwvZGl2 Pgo8YnI+Cjxicj4KPC9kaXY+Cjxicj4KPC9kaXY+CjwvZGl2Pgo8L2Rpdj4KCjwvYmxvY2txdW90 ZT48YnI+PGJyPi0tIDxicj48ZGl2IGRpcj0ibHRyIj48ZGl2Pkpvc2VwaCBMb3JlbnpvIEhhbGw8 L2Rpdj48ZGl2PkNoaWVmIFRlY2hub2xvZ2lzdDwvZGl2PjxkaXY+Q2VudGVyIGZvciBEZW1vY3Jh Y3kgJmFtcDsgVGVjaG5vbG9neTwvZGl2PjxkaXY+MTYzNCBJIFNUIE5XIFNURSAxMTAwPC9kaXY+ PGRpdj5XYXNoaW5ndG9uIERDIDIwMDA2LTQwMTEmbmJzcDs8L2Rpdj48ZGl2PihwKSAyMDItNDA3 LTg4MjU8L2Rpdj48ZGl2PihmKSAyMDItNjM3LTA5Njg8L2Rpdj48ZGl2PjxhIGhyZWY9Im1haWx0 bzpqb2VAY2R0Lm9yZyIgdGFyZ2V0PSJfYmxhbmsiPmpvZUBjZHQub3JnPC9hPjwvZGl2PjxkaXY+ UEdQOiA8YSBocmVmPSJodHRwczovL2pvc2VwaGhhbGwub3JnL2dwZy1rZXkiIHRhcmdldD0iX2Js YW5rIj5odHRwczovL2pvc2VwaGhhbGwub3JnL2dwZy1rZXk8L2E+PC9kaXY+PGRpdj5maW5nZXJw cmludDogM0NBMiA4RDdCIDlGNkQgREJEMyA0QjEwICZuYnNwOzE2MDcgNUY4NiA2OTg3IDQwQTkg QTg3MTwvZGl2PjxkaXY+PGJyPjwvZGl2PjxkaXY+PGJyPjwvZGl2PjwvZGl2Pjxicj4KPC9ib2R5 PjwvaHRtbD4= ----_com.android.email_3206973088857840-- From nobody Tue Sep 22 05:05:00 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E229A1A6F32 for ; Tue, 22 Sep 2015 05:04:59 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.912 X-Spam-Level: X-Spam-Status: No, score=-3.912 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_I_LETTER=-2, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HzpZz_q3Q6TG for ; Tue, 22 Sep 2015 05:04:57 -0700 (PDT) Received: from trammell.ch (trammell.ch [5.148.172.66]) by ietfa.amsl.com (Postfix) with ESMTP id 8DAC91A6F12 for ; Tue, 22 Sep 2015 05:04:57 -0700 (PDT) Received: from [IPv6:2001:67c:10ec:2a49:8000::b9] (unknown [IPv6:2001:67c:10ec:2a49:8000::b9]) by trammell.ch (Postfix) with ESMTPSA id 4E60A1A0176; Tue, 22 Sep 2015 14:04:26 +0200 (CEST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) From: Brian Trammell In-Reply-To: Date: Tue, 22 Sep 2015 14:04:25 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: <56003957.9020308@cs.tcd.ie> To: Joseph Lorenzo Hall X-Mailer: Apple Mail (2.2104) Archived-At: Cc: perpass , Dan York , Stephen Farrell Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 12:05:00 -0000 It seems to me in general that this type of policy remains very = attractive; governments in particular tend to prize temporary security = over essential freedom. This policy was so obviously silly in its = technical detail that it would inevitably need to be withdrawn, though I = was impressed by the speed and openness with which that was done here.=20= But in general, playing whack-a-mole takes a lot of energy especially = when the policies themselves are largely copypasta. Perhaps we should = put together an IAB/program form letter ("So You've Decided to Ban = Crypto, Here's Why That Won't Work") that we can quickly tailor to the = details in order to be able to make constructive public comments = *before* the withdrawal happens next time? :) Cheers, Brian > On 22 Sep 2015, at 13:49, Joseph Lorenzo Hall wrote: >=20 > I'm not so sure we should take comfort in their withdrawal of the = policy as all reports are that they are revising and reissuing... We'll = see what the next iteration involves! >=20 > On Tuesday, September 22, 2015, Dan York wrote: > There was a significant amount of public outcry yesterday within India = and the latest news is that the government of India is apparently = withdrawing the draft policy: >=20 > = http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-dra= ft-of-encryption-policy/articleshow/49057232.cms >=20 > Prior to that the government agency involved had already issued an = update saying that the draft policy would NOT apply to TLS in web = commerce and social media, messaging, etc. The update document seems to = have been removed, but is captured here by a news site: >=20 > http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ >=20 > Dan >=20 >> On Sep 21, 2015, at 1:07 PM, Stephen Farrell = wrote: >>=20 >>=20 >> Sheesh, there is so much wrong in that document. And they >> top it off by recommending RC4. >>=20 >> Does anyone know if this is a policy that is likely to be >> enforced or one that'd be more honoured in the breach? >>=20 >> S. >>=20 >> On 21/09/15 17:45, Joseph Lorenzo Hall wrote: >>> Obviously, of relevance to those that will be at the IAB MARNEW >>> workshop this week (although this isn't in any way specific to radio >>> networks). >>>=20 >>> * Everyone (all individuals and businesses) using encryption must >>> store unencrypted content for 90 days >>> * Government will dictate algorithms and key sizes >>> * Possibility of a legally mandated backdoor >>>=20 >>> Article from Daily Dot: >>> = http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ >>>=20 >>> Text of the proposal (comments due 16 Oct.): >>> https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf >>>=20 >>>=20 >>=20 >> _______________________________________________ >> perpass mailing list >> perpass@ietf.org >> https://www.ietf.org/mailman/listinfo/perpass >=20 > -- > Dan York > Senior Content Strategist, Internet Society > york@isoc.org +1-802-735-1624 > Jabber: york@jabber.isoc.org=20 > Skype: danyork http://twitter.com/danyork >=20 > http://www.internetsociety.org/ >=20 >=20 >=20 >=20 >=20 > --=20 > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011=20 > (p) 202-407-8825 > (f) 202-637-0968 > joe@cdt.org > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 >=20 >=20 >=20 > _______________________________________________ > perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass From nobody Tue Sep 22 05:19:19 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 04F261A6F7B for ; Tue, 22 Sep 2015 05:19:18 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.601 X-Spam-Level: X-Spam-Status: No, score=-3.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_I_LETTER=-2, HELO_EQ_DK=1.009, RCVD_IN_DNSWL_LOW=-0.7, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GycICwmes4Dy for ; Tue, 22 Sep 2015 05:19:14 -0700 (PDT) Received: from spamfilter1.dtu.dk (spamfilter1.dtu.dk [130.225.73.112]) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 45ECF1A6F7A for ; Tue, 22 Sep 2015 05:19:13 -0700 (PDT) Received: from ait-pexedg01.win.dtu.dk (ait-pexedg01.win.dtu.dk [192.38.82.191]) by spamfilter1.dtu.dk with ESMTP id t8MCIxaw006011-t8MCIxb4006011 (version=TLSv1.0 cipher=AES128-SHA bits=128 verify=CAFAIL); Tue, 22 Sep 2015 14:19:01 +0200 Received: from AIT-PEX01MBX02.win.dtu.dk (192.38.82.182) by ait-pexedg01.win.dtu.dk (192.38.82.191) with Microsoft SMTP Server (TLS) id 14.3.248.2; Tue, 22 Sep 2015 14:17:21 +0200 Received: from ait-pex01mbx01.win.dtu.dk ([169.254.1.73]) by ait-pex01mbx02.win.dtu.dk ([169.254.2.142]) with mapi id 14.03.0248.002; Tue, 22 Sep 2015 14:17:19 +0200 From: Hugo Maxwell Connery To: Brian Trammell , Joseph Lorenzo Hall Thread-Topic: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates Thread-Index: AQHQ9R0nElblYUf6/UmhRe5ao36XOp5ITaCAgAAERICAACKR3Q== Date: Tue, 22 Sep 2015 12:17:19 +0000 Message-ID: <6CB05D82CE245B4083BBF3B97E2ED47008F85201@ait-pex01mbx01.win.dtu.dk> References: <56003957.9020308@cs.tcd.ie> , In-Reply-To: Accept-Language: en-AU, da-DK, en-US Content-Language: en-AU X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [130.225.73.250] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Archived-At: Cc: perpass , Dan York , Stephen Farrell Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 12:19:18 -0000 Hi, Back in August was the process of BCP'ing RFC1984. (Subject: Recognising RF= C1984 as a BCP). If this has been completed, it could act as an 'attachment' or compliment i= n some way the form letter which Brian suggests below. I repeat that I think the reuse of RFC1984 at this time is an excellent str= ategy as it clearly states "we've been here before, and the arguments still= hold". Regards, Hugo Connery -- Head of IT, DTU Environment, http://www.env.dtu.dk ________________________________________ From: perpass [perpass-bounces@ietf.org] on behalf of Brian Trammell [ietf@= trammell.ch] Sent: Tuesday, 22 September 2015 14:04 To: Joseph Lorenzo Hall Cc: perpass; Dan York; Stephen Farrell Subject: Re: [perpass] India withdraws encryption policy - Re: India posed = to require cleartext, cleartext retention, cipher and backdoor mandates It seems to me in general that this type of policy remains very attractive;= governments in particular tend to prize temporary security over essential = freedom. This policy was so obviously silly in its technical detail that it= would inevitably need to be withdrawn, though I was impressed by the speed= and openness with which that was done here. But in general, playing whack-a-mole takes a lot of energy especially when = the policies themselves are largely copypasta. Perhaps we should put togeth= er an IAB/program form letter ("So You've Decided to Ban Crypto, Here's Why= That Won't Work") that we can quickly tailor to the details in order to be= able to make constructive public comments *before* the withdrawal happens = next time? :) Cheers, Brian > On 22 Sep 2015, at 13:49, Joseph Lorenzo Hall wrote: > > I'm not so sure we should take comfort in their withdrawal of the policy = as all reports are that they are revising and reissuing... We'll see what t= he next iteration involves! > > On Tuesday, September 22, 2015, Dan York wrote: > There was a significant amount of public outcry yesterday within India an= d the latest news is that the government of India is apparently withdrawing= the draft policy: > > http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-dr= aft-of-encryption-policy/articleshow/49057232.cms > > Prior to that the government agency involved had already issued an update= saying that the draft policy would NOT apply to TLS in web commerce and so= cial media, messaging, etc. The update document seems to have been removed= , but is captured here by a news site: > > http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ > > Dan > >> On Sep 21, 2015, at 1:07 PM, Stephen Farrell = wrote: >> >> >> Sheesh, there is so much wrong in that document. And they >> top it off by recommending RC4. >> >> Does anyone know if this is a policy that is likely to be >> enforced or one that'd be more honoured in the breach? >> >> S. >> >> On 21/09/15 17:45, Joseph Lorenzo Hall wrote: >>> Obviously, of relevance to those that will be at the IAB MARNEW >>> workshop this week (although this isn't in any way specific to radio >>> networks). >>> >>> * Everyone (all individuals and businesses) using encryption must >>> store unencrypted content for 90 days >>> * Government will dictate algorithms and key sizes >>> * Possibility of a legally mandated backdoor >>> >>> Article from Daily Dot: >>> http://www.dailydot.com/politics/india-encryption-backdoors-draft-polic= y/ >>> >>> Text of the proposal (comments due 16 Oct.): >>> https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf >>> >>> >> >> _______________________________________________ >> perpass mailing list >> perpass@ietf.org >> https://www.ietf.org/mailman/listinfo/perpass > > -- > Dan York > Senior Content Strategist, Internet Society > york@isoc.org +1-802-735-1624 > Jabber: york@jabber.isoc.org > Skype: danyork http://twitter.com/danyork > > http://www.internetsociety.org/ > > > > > > -- > Joseph Lorenzo Hall > Chief Technologist > Center for Democracy & Technology > 1634 I ST NW STE 1100 > Washington DC 20006-4011 > (p) 202-407-8825 > (f) 202-637-0968 > joe@cdt.org > PGP: https://josephhall.org/gpg-key > fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 > > > > _______________________________________________ > perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass _______________________________________________ perpass mailing list perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass From nobody Tue Sep 22 05:26:01 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 781DD1A6F6F for ; Tue, 22 Sep 2015 05:25:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -6.311 X-Spam-Level: X-Spam-Status: No, score=-6.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, GB_I_LETTER=-2, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LZTB0QEiC04x for ; Tue, 22 Sep 2015 05:25:52 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809A71A6FAE for ; Tue, 22 Sep 2015 05:25:52 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 003F8BE2E; Tue, 22 Sep 2015 13:25:50 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KJ5bBTgi3_Pu; Tue, 22 Sep 2015 13:25:44 +0100 (IST) Received: from [10.87.48.73] (unknown [86.46.24.221]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id BB36EBE32; Tue, 22 Sep 2015 13:25:43 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1442924744; bh=6lRtOJyVbmLaY19EZwZspC7YLKcuU3KsXCUSe2QLOEM=; h=Subject:To:References:Cc:From:Date:In-Reply-To:From; b=0La0SoKuaA6G5JomWby8O3lsF5NTHQm4qA7XX3euzj/nhrFSL6Cdwpsw6bfPOHhh+ YhrU8yUrkJcKOXXUAxHSh6Nsm26zdVeHhbz0Gjw4m0Dqd0q5OaVDrvGnymM/+VUcG2 RziMc9mfnjHtjw7WbJ4vEy3aMLo/W09Vs6ZJlMP4= To: Hugo Maxwell Connery , Brian Trammell , Joseph Lorenzo Hall References: <56003957.9020308@cs.tcd.ie> <6CB05D82CE245B4083BBF3B97E2ED47008F85201@ait-pex01mbx01.win.dtu.dk> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <560148C5.60906@cs.tcd.ie> Date: Tue, 22 Sep 2015 13:25:41 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: <6CB05D82CE245B4083BBF3B97E2ED47008F85201@ait-pex01mbx01.win.dtu.dk> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Cc: perpass , Dan York Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 12:25:58 -0000 On 22/09/15 13:17, Hugo Maxwell Connery wrote: > Hi, > > Back in August was the process of BCP'ing RFC1984. (Subject: > Recognising RFC1984 as a BCP). > > If this has been completed, it could act as an 'attachment' or > compliment in some way the form letter which Brian suggests below. That has been completed [1] so RFC1984 is now an IETF BCP. I'm not sure how long the RFC editor will need before this is visible as BCPnnn but it shouldn't be too long, some weeks maybe. (It's an odd case though changing status on a 1996 RFC, so some tooling might break or something;-) S. [1] https://mailarchive.ietf.org/arch/msg/ietf-announce/FXpz3-UELhF7S5kBxXvTrRDXSgs > > I repeat that I think the reuse of RFC1984 at this time is an > excellent strategy as it clearly states "we've been here before, and > the arguments still hold". > > Regards, Hugo Connery -- Head of IT, DTU Environment, > http://www.env.dtu.dk ________________________________________ From: > perpass [perpass-bounces@ietf.org] on behalf of Brian Trammell > [ietf@trammell.ch] Sent: Tuesday, 22 September 2015 14:04 To: Joseph > Lorenzo Hall Cc: perpass; Dan York; Stephen Farrell Subject: Re: > [perpass] India withdraws encryption policy - Re: India posed to > require cleartext, cleartext retention, cipher and backdoor mandates > > It seems to me in general that this type of policy remains very > attractive; governments in particular tend to prize temporary > security over essential freedom. This policy was so obviously silly > in its technical detail that it would inevitably need to be > withdrawn, though I was impressed by the speed and openness with > which that was done here. > > But in general, playing whack-a-mole takes a lot of energy especially > when the policies themselves are largely copypasta. Perhaps we should > put together an IAB/program form letter ("So You've Decided to Ban > Crypto, Here's Why That Won't Work") that we can quickly tailor to > the details in order to be able to make constructive public comments > *before* the withdrawal happens next time? :) > > Cheers, > > Brian > > >> On 22 Sep 2015, at 13:49, Joseph Lorenzo Hall wrote: >> >> I'm not so sure we should take comfort in their withdrawal of the >> policy as all reports are that they are revising and reissuing... >> We'll see what the next iteration involves! >> >> On Tuesday, September 22, 2015, Dan York wrote: >> There was a significant amount of public outcry yesterday within >> India and the latest news is that the government of India is >> apparently withdrawing the draft policy: >> >> http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms >> >> >> Prior to that the government agency involved had already issued an update saying that the draft policy would NOT apply to TLS in web commerce and social media, messaging, etc. The update document seems to have been removed, but is captured here by a news site: >> >> http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ >> >> >> Dan >> >>> On Sep 21, 2015, at 1:07 PM, Stephen Farrell >>> wrote: >>> >>> >>> Sheesh, there is so much wrong in that document. And they top it >>> off by recommending RC4. >>> >>> Does anyone know if this is a policy that is likely to be >>> enforced or one that'd be more honoured in the breach? >>> >>> S. >>> >>> On 21/09/15 17:45, Joseph Lorenzo Hall wrote: >>>> Obviously, of relevance to those that will be at the IAB >>>> MARNEW workshop this week (although this isn't in any way >>>> specific to radio networks). >>>> >>>> * Everyone (all individuals and businesses) using encryption >>>> must store unencrypted content for 90 days * Government will >>>> dictate algorithms and key sizes * Possibility of a legally >>>> mandated backdoor >>>> >>>> Article from Daily Dot: >>>> http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ >>>> >>>> >>>> Text of the proposal (comments due 16 Oct.): >>>> https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf >>>> >>>> >>> >>> >>>> _______________________________________________ >>> perpass mailing list perpass@ietf.org >>> https://www.ietf.org/mailman/listinfo/perpass >> >> -- Dan York Senior Content Strategist, Internet Society >> york@isoc.org +1-802-735-1624 Jabber: york@jabber.isoc.org Skype: >> danyork http://twitter.com/danyork >> >> http://www.internetsociety.org/ >> >> >> >> >> >> -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & >> Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) >> 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: >> https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 >> 4B10 1607 5F86 6987 40A9 A871 >> >> >> >> _______________________________________________ perpass mailing >> list perpass@ietf.org >> https://www.ietf.org/mailman/listinfo/perpass > > _______________________________________________ perpass mailing list > perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass > > _______________________________________________ perpass mailing list > perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass > From nobody Tue Sep 22 05:47:54 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A552F1A6FD6 for ; Tue, 22 Sep 2015 05:47:51 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.712 X-Spam-Level: X-Spam-Status: No, score=-2.712 tagged_above=-999 required=5 tests=[BAYES_20=-0.001, GB_I_LETTER=-2, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Os2ta2hWCeBK for ; Tue, 22 Sep 2015 05:47:50 -0700 (PDT) Received: from tuna.sandelman.ca (tuna.sandelman.ca [209.87.249.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F410E1A6FD1 for ; Tue, 22 Sep 2015 05:47:49 -0700 (PDT) Received: from sandelman.ca (obiwan.sandelman.ca [209.87.249.21]) by tuna.sandelman.ca (Postfix) with ESMTP id 8BB4220098; Tue, 22 Sep 2015 08:48:54 -0400 (EDT) Received: by sandelman.ca (Postfix, from userid 179) id B595C637F8; Tue, 22 Sep 2015 08:47:48 -0400 (EDT) Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 957B1637F7; Tue, 22 Sep 2015 08:47:48 -0400 (EDT) From: Michael Richardson To: perpass , Brian Trammell In-Reply-To: References: <56003957.9020308@cs.tcd.ie> X-Mailer: MH-E 8.6; nmh 1.3-dev; GNU Emacs 24.4.2 X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m Sender: mcr@sandelman.ca Archived-At: Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 12:47:51 -0000 --=-=-= Content-Type: text/plain Brian Trammell wrote: > But in general, playing whack-a-mole takes a lot of energy especially > when the policies themselves are largely copypasta. Perhaps we should > put together an IAB/program form letter ("So You've Decided to Ban > Crypto, Here's Why That Won't Work") that we can quickly tailor to the > details in order to be able to make constructive public comments > *before* the withdrawal happens next time? :) Sure, seems like a good idea. One of those fill in the multiple-choice letters, like you get from the school nurse :-) I say this in jest, yet, I'm actually quite serious. -- Michael Richardson , Sandelman Software Works -= IPv6 IoT consulting =- --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQEVAwUBVgFN8YCLcPvd0N1lAQLxZwgAnpSg8jYn/UuWwBef5RH+rc09ztg8t8pe wQVmKN4gXf5wUPwOfLYp4UlYoQXdX2P8OdhqBMgk9/G8D8peHxvnA2SQx7HGS9Np 677UIIr3i0/LyanflrgKBMF3N5+1lF5mvTzr8IhkMchQs+HYT/ZtM1qiMUnEjrNS tegHIj7OnRELMyU0t8nsQP3YaCbnq5YyCKR4/8hmDFOkwVuuCoRLzTn0qUjpGjrs w2G3VZdhAX8NqqGtRvEJA8VKAISPNViMLlU4uHq3Ea42ndr4B1QLLGW4mn/m/QaO aiwKLgoY14FmozEMZkSN6SeTnqLllD85saOZLYKkxLhMJKYMBIjjbw== =ij5c -----END PGP SIGNATURE----- --=-=-=-- From nobody Tue Sep 22 08:18:59 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4D62F1AC419 for ; Tue, 22 Sep 2015 08:18:58 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -3.378 X-Spam-Level: X-Spam-Status: No, score=-3.378 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, GB_I_LETTER=-2] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jVhXc9ncl3bq for ; Tue, 22 Sep 2015 08:18:56 -0700 (PDT) Received: from mail-la0-x22d.google.com (mail-la0-x22d.google.com [IPv6:2a00:1450:4010:c03::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D39891AC418 for ; Tue, 22 Sep 2015 08:18:55 -0700 (PDT) Received: by lahg1 with SMTP id g1so17007254lah.1 for ; Tue, 22 Sep 2015 08:18:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=wd+4RDMUvCsp3RxzzqGuE/YpEQDKxZaFONvn8xahKms=; b=Ohv5b3d4Zd6eH7GuaT2fa/v3fsi9DX4m760OgoV/5H6/O37R6WH2jX0zfm94z91KVF ZGptcienBV2nz68jQLnNzC1tgJSGqTI8KbwTDNDrIF7rz8zusX8Sg7hg6ZCu6/dAuz4B 4+pYDqkEaTgALtQ8y+XwRme3lg1pR7DXYUnfI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type; bh=wd+4RDMUvCsp3RxzzqGuE/YpEQDKxZaFONvn8xahKms=; b=MaBTS+vi7yWWIIJ75IxxUlXPxHMnI0cZU01S4UNbE608htuRSO6EgEf/k8+WotGPJB FRHjj1H1KqBSjFuTfvWoCqVL4LI2Rb5hITC6oEaDAWtz3tHVtjanJuE/YPBhzX6LZDPA TssG4ngEgGF3BKIoNY1p93lPnQqpbMNAVVsPovPeJvkKA9hGkCEZgKrl2TFg8JuzRe86 nxMlGFL/ME1JDfFq2Mp0eUNcPWN3MUgHC0+wv5m/qfvEgZZaS76QOwkO8X6ZmdeEY6qE II9W/IiakHhKULlaPyOxzJ6qQK2nefxxLb41FAdKEFbIwXWZ50nmc7iEeoz7q/GWVDRS +3lw== X-Gm-Message-State: ALoCoQmKK/JTmWOBfD8c3JozK5ASIiDEXlZvKgD+bAGV7r36dYohsQwkeBeVefoD7Gjyx43uP6Gm X-Received: by 10.25.40.130 with SMTP id o124mr2763122lfo.41.1442935133970; Tue, 22 Sep 2015 08:18:53 -0700 (PDT) MIME-Version: 1.0 Received: by 10.25.199.138 with HTTP; Tue, 22 Sep 2015 08:18:34 -0700 (PDT) In-Reply-To: <560148C5.60906@cs.tcd.ie> References: <56003957.9020308@cs.tcd.ie> <6CB05D82CE245B4083BBF3B97E2ED47008F85201@ait-pex01mbx01.win.dtu.dk> <560148C5.60906@cs.tcd.ie> From: Joseph Lorenzo Hall Date: Tue, 22 Sep 2015 11:18:34 -0400 Message-ID: To: Stephen Farrell Content-Type: text/plain; charset=UTF-8 Archived-At: Cc: Hugo Maxwell Connery , perpass , Dan York , Brian Trammell Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Sep 2015 15:18:58 -0000 I had started to draft something India-specific in the IAB Privacy and Security Program last night before this withdrawal came up. I'll see what we can do to pivot... On Tue, Sep 22, 2015 at 8:25 AM, Stephen Farrell wrote: > > > On 22/09/15 13:17, Hugo Maxwell Connery wrote: >> Hi, >> >> Back in August was the process of BCP'ing RFC1984. (Subject: >> Recognising RFC1984 as a BCP). >> >> If this has been completed, it could act as an 'attachment' or >> compliment in some way the form letter which Brian suggests below. > > That has been completed [1] so RFC1984 is now an IETF BCP. > > I'm not sure how long the RFC editor will need before this > is visible as BCPnnn but it shouldn't be too long, some weeks > maybe. (It's an odd case though changing status on a 1996 RFC, > so some tooling might break or something;-) > > S. > > [1] > https://mailarchive.ietf.org/arch/msg/ietf-announce/FXpz3-UELhF7S5kBxXvTrRDXSgs > >> >> I repeat that I think the reuse of RFC1984 at this time is an >> excellent strategy as it clearly states "we've been here before, and >> the arguments still hold". >> >> Regards, Hugo Connery -- Head of IT, DTU Environment, >> http://www.env.dtu.dk ________________________________________ From: >> perpass [perpass-bounces@ietf.org] on behalf of Brian Trammell >> [ietf@trammell.ch] Sent: Tuesday, 22 September 2015 14:04 To: Joseph >> Lorenzo Hall Cc: perpass; Dan York; Stephen Farrell Subject: Re: >> [perpass] India withdraws encryption policy - Re: India posed to >> require cleartext, cleartext retention, cipher and backdoor mandates >> >> It seems to me in general that this type of policy remains very >> attractive; governments in particular tend to prize temporary >> security over essential freedom. This policy was so obviously silly >> in its technical detail that it would inevitably need to be >> withdrawn, though I was impressed by the speed and openness with >> which that was done here. >> >> But in general, playing whack-a-mole takes a lot of energy especially >> when the policies themselves are largely copypasta. Perhaps we should >> put together an IAB/program form letter ("So You've Decided to Ban >> Crypto, Here's Why That Won't Work") that we can quickly tailor to >> the details in order to be able to make constructive public comments >> *before* the withdrawal happens next time? :) >> >> Cheers, >> >> Brian >> >> >>> On 22 Sep 2015, at 13:49, Joseph Lorenzo Hall wrote: >>> >>> I'm not so sure we should take comfort in their withdrawal of the >>> policy as all reports are that they are revising and reissuing... >>> We'll see what the next iteration involves! >>> >>> On Tuesday, September 22, 2015, Dan York wrote: >>> There was a significant amount of public outcry yesterday within >>> India and the latest news is that the government of India is >>> apparently withdrawing the draft policy: >>> >>> http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms >>> >>> >>> > Prior to that the government agency involved had already issued an > update saying that the draft policy would NOT apply to TLS in web > commerce and social media, messaging, etc. The update document seems to > have been removed, but is captured here by a news site: >>> >>> http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ >>> >>> >>> > Dan >>> >>>> On Sep 21, 2015, at 1:07 PM, Stephen Farrell >>>> wrote: >>>> >>>> >>>> Sheesh, there is so much wrong in that document. And they top it >>>> off by recommending RC4. >>>> >>>> Does anyone know if this is a policy that is likely to be >>>> enforced or one that'd be more honoured in the breach? >>>> >>>> S. >>>> >>>> On 21/09/15 17:45, Joseph Lorenzo Hall wrote: >>>>> Obviously, of relevance to those that will be at the IAB >>>>> MARNEW workshop this week (although this isn't in any way >>>>> specific to radio networks). >>>>> >>>>> * Everyone (all individuals and businesses) using encryption >>>>> must store unencrypted content for 90 days * Government will >>>>> dictate algorithms and key sizes * Possibility of a legally >>>>> mandated backdoor >>>>> >>>>> Article from Daily Dot: >>>>> http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ >>>>> >>>>> >>>>> > Text of the proposal (comments due 16 Oct.): >>>>> https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf >>>>> >>>>> >>>> >>>> >>>>> > _______________________________________________ >>>> perpass mailing list perpass@ietf.org >>>> https://www.ietf.org/mailman/listinfo/perpass >>> >>> -- Dan York Senior Content Strategist, Internet Society >>> york@isoc.org +1-802-735-1624 Jabber: york@jabber.isoc.org Skype: >>> danyork http://twitter.com/danyork >>> >>> http://www.internetsociety.org/ >>> >>> >>> >>> >>> >>> -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & >>> Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) >>> 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: >>> https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 >>> 4B10 1607 5F86 6987 40A9 A871 >>> >>> >>> >>> _______________________________________________ perpass mailing >>> list perpass@ietf.org >>> https://www.ietf.org/mailman/listinfo/perpass >> >> _______________________________________________ perpass mailing list >> perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass >> >> _______________________________________________ perpass mailing list >> perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass >> -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871 From nobody Fri Sep 25 05:49:54 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3DC441A00DB for ; Fri, 25 Sep 2015 05:49:53 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.579 X-Spam-Level: X-Spam-Status: No, score=-0.579 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Wnksl77XTOvw for ; Fri, 25 Sep 2015 05:49:51 -0700 (PDT) Received: from mail-la0-f54.google.com (mail-la0-f54.google.com [209.85.215.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ABD6A1A00E0 for ; Fri, 25 Sep 2015 05:49:49 -0700 (PDT) Received: by lacrr8 with SMTP id rr8so17858989lac.2 for ; Fri, 25 Sep 2015 05:49:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type; bh=1EtHH5+2DKa+qh5NebKOg5whAw5sbAvVfU6eCwB3hto=; b=BjbW7YaCGGPQWXKMYL2rUL1BHRl1l+etTdTOheDbnuT12wPM/ympkQ2FU8a+PYdX3O nP3BuO1qN87dqk7AwtU2aU3gndZAPdxNmRFwEUqucdfGUaPbRKJSwd7rSegtBA4hAjiV /vbFSoXwvot/GH8v9CDO/6HokDVjfC+Pqw0HQhVt4rVdij1kaDOoeib+22uiOUxenUD5 V2agWwAZ050x3z9guC9f5E1X2MNAyQSz85QaBKO3X0wBVsTTF3n7oZhduyh57nu1TkIa eCqANwfU69egRzITrfms5XpIAYwU6vP1THQ2tOl58fc6kBDuTCmyv4j4aLwW9PUAGLS3 wPCw== X-Gm-Message-State: ALoCoQmLUEtHK57zfRKtoQH5la6wKZUFA1voEPxfGZns2xCwSSzC4rBhwYfDJ+TLw5rsn1k2YSIc X-Received: by 10.112.138.37 with SMTP id qn5mr1637651lbb.52.1443185387582; Fri, 25 Sep 2015 05:49:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.25.134.193 with HTTP; Fri, 25 Sep 2015 05:49:08 -0700 (PDT) From: Yakov Shafranovich Date: Fri, 25 Sep 2015 08:49:08 -0400 Message-ID: To: perpass@ietf.org Content-Type: text/plain; charset=UTF-8 Archived-At: Subject: [perpass] fwd: US Government's draft paper on technical options for the encryption debate X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Sep 2015 12:49:53 -0000 >From the Washington Post: http://apps.washingtonpost.com/g/documents/world/read-the-obama-administrations-draft-paper-on-technical-options-for-the-encryption-debate/1753/ Article here: https://www.washingtonpost.com/world/national-security/obama-administration-ponders-how-to-seek-access-to-encrypted-data/2015/09/23/107a811c-5b22-11e5-b38e-06883aacba64_story.html From nobody Fri Sep 25 06:55:12 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78B571A1A20 for ; Fri, 25 Sep 2015 06:55:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -1.601 X-Spam-Level: X-Spam-Status: No, score=-1.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_DK=1.009, RCVD_IN_DNSWL_LOW=-0.7, T_RP_MATCHES_RCVD=-0.01] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id j0RhaDx43EAQ for ; Fri, 25 Sep 2015 06:55:09 -0700 (PDT) Received: from spamfilter1.dtu.dk (spamfilter1.dtu.dk [130.225.73.112]) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2022B1A1A1D for ; Fri, 25 Sep 2015 06:55:08 -0700 (PDT) Received: from ait-pexedg01.win.dtu.dk (ait-pexedg01.win.dtu.dk [192.38.82.191]) by spamfilter1.dtu.dk with ESMTP id t8PDsxO6018836-t8PDsxO8018836 (version=TLSv1.0 cipher=AES128-SHA bits=128 verify=CAFAIL); Fri, 25 Sep 2015 15:54:59 +0200 Received: from ait-pex02mbx05.win.dtu.dk (192.38.82.185) by ait-pexedg01.win.dtu.dk (192.38.82.191) with Microsoft SMTP Server (TLS) id 14.3.248.2; Fri, 25 Sep 2015 15:55:04 +0200 Received: from ait-pex01mbx01.win.dtu.dk ([169.254.1.73]) by ait-pex02mbx05.win.dtu.dk ([169.254.5.11]) with mapi id 14.03.0248.002; Fri, 25 Sep 2015 15:54:59 +0200 From: Hugo Maxwell Connery To: Yakov Shafranovich , "perpass@ietf.org" Thread-Topic: [perpass] fwd: US Government's draft paper on technical options for the encryption debate Thread-Index: AQHQ95CyCI3FZ90F4EOGbH07sKrKcZ5NQ4Rz Date: Fri, 25 Sep 2015 13:54:58 +0000 Message-ID: <6CB05D82CE245B4083BBF3B97E2ED47008F85796@ait-pex01mbx01.win.dtu.dk> References: In-Reply-To: Accept-Language: en-AU, da-DK, en-US Content-Language: en-AU X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [130.225.73.250] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Archived-At: Subject: Re: [perpass] fwd: US Government's draft paper on technical options for the encryption debate X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Sep 2015 13:55:11 -0000 Hi, It would seem that the advice given is well reasoned and=20 indeed embraces much contained in RFC1984. It will be interesting to see how the executive branch of government takes this "you cant, and shouldn't attempt, that which you have been advocating" advice. Hugo Connery -- Head of IT, DTU Environment, http://www.env.dtu.dk ________________________________________ From: perpass [perpass-bounces@ietf.org] on behalf of Yakov Shafranovich [y= akov@noom.com] Sent: Friday, 25 September 2015 14:49 To: perpass@ietf.org Subject: [perpass] fwd: US Government's draft paper on technical options fo= r the encryption debate >From the Washington Post: http://apps.washingtonpost.com/g/documents/world/read-the-obama-administrat= ions-draft-paper-on-technical-options-for-the-encryption-debate/1753/ Article here: https://www.washingtonpost.com/world/national-security/obama-administration= -ponders-how-to-seek-access-to-encrypted-data/2015/09/23/107a811c-5b22-11e5= -b38e-06883aacba64_story.html _______________________________________________ perpass mailing list perpass@ietf.org https://www.ietf.org/mailman/listinfo/perpass From nobody Fri Sep 25 08:53:50 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E4BA31A9037 for ; Fri, 25 Sep 2015 08:53:48 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 0.721 X-Spam-Level: X-Spam-Status: No, score=0.721 tagged_above=-999 required=5 tests=[BAYES_50=0.8, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KmLOIAtRwvGl for ; Fri, 25 Sep 2015 08:53:47 -0700 (PDT) Received: from mail-la0-f42.google.com (mail-la0-f42.google.com [209.85.215.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 22BF71A9053 for ; Fri, 25 Sep 2015 08:53:45 -0700 (PDT) Received: by lacrr8 with SMTP id rr8so23847308lac.2 for ; Fri, 25 Sep 2015 08:53:43 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=+MpER3S3tnchVzjYkT8Qig25tZWatTtX86HPBIGV9es=; b=N1MKgesBaAMZf3fQpOS3xFhyspkSj5Kg9b3nb26g/Jat0Q3twiLlc9EI4GGAVJv0aJ QWWBA3I6bpeW6hDOC2amJXFOUIauuRijopkofvF0OOWbryEi+L+FsMMo0MqpSM2TCaFg lECKg1m/buAHglRwoWNTVgBGWopQOsIKQOMQBDZ8jt52Rw9EWrUIr6zvK6JISbN051pQ GOYGClZAsynYan/Dy1pjUf3RNqoJoNI2/ZjMrPIxH5rrQy1vJ768E+yYvN7sO9+K7igK 7WAlYuMAum/ZMPtA/Nk6iWyClC57yafzx/SK28J9q5FqP6ukFViqgt6h7q+QsUgSCY9/ OBeg== X-Gm-Message-State: ALoCoQnB4YTa9gAdtvC3LtnGyu3k88TTPv4lymTRJ8mZYXExXnbGW+pAArekGWT7TgrYfU/UCiE5 X-Received: by 10.152.181.36 with SMTP id dt4mr1917496lac.52.1443196423191; Fri, 25 Sep 2015 08:53:43 -0700 (PDT) MIME-Version: 1.0 Received: by 10.25.134.193 with HTTP; Fri, 25 Sep 2015 08:53:03 -0700 (PDT) From: Yakov Shafranovich Date: Fri, 25 Sep 2015 11:53:03 -0400 Message-ID: To: perpass@ietf.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Archived-At: Subject: [perpass] fwd: GCHQ built browsing profiles on every Internet user X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Sep 2015 15:53:49 -0000 This is a really scary story from the Intercept, based on Snowden docs: https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-o= nline-identities/ Important takeway is this: In recent years, the biggest barrier to GCHQ=E2=80=99s mass collection of d= ata does not appear to have come in the form of legal or policy restrictions. Rather, it is the increased use of encryption technology that protects the privacy of communications that has posed the biggest potential hindrance to the agency=E2=80=99s activities. =E2=80=9CThe spread of encryption =E2=80=A6 threatens our ability to do eff= ective target discovery/development,=E2=80=9D says a top-secret report co-authored= by an official from the British agency and an NSA employee in 2011. =E2=80=9CPertinent metadata events will be locked within the encrypted channels and difficult, if not impossible, to prise out,=E2=80=9D the repor= t says, adding that the agencies were working on a plan that would =E2=80=9C(hopefully) allow our Internet Exploitation strategy to prevail.= =E2=80=9D Yakov From nobody Sat Sep 26 13:58:09 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60AED1A6F5B for ; Sat, 26 Sep 2015 13:58:07 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CtVMiR3UNOrw for ; Sat, 26 Sep 2015 13:58:06 -0700 (PDT) Received: from mail-pa0-x233.google.com (mail-pa0-x233.google.com [IPv6:2607:f8b0:400e:c03::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2E2C51A6F5A for ; Sat, 26 Sep 2015 13:58:06 -0700 (PDT) Received: by pablk4 with SMTP id lk4so40123809pab.3 for ; Sat, 26 Sep 2015 13:58:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=to:from:subject:organization:message-id:date:user-agent :mime-version:content-type:content-transfer-encoding; bh=GNHW3pnVdeWhKsObDOKvEloOQRVejpgIZkDtJI1F3O4=; b=wWY+gK2nQbWCCWbmjhKmAod6rue+lFPJtFHnGtaYI99cC2MG9+zL1DU/ZzGE/c+83c +xJWd+S7wRqHDOVc7GBigL4CLgO9kKZzgeao+i3ImsUEr+2bASxNqVOGvklbm/ngpjDb p8H9WuClGLRk9bIFD3l1byfcfOVx2Ns7niDTO5sfCDQpgE+pNS51C6v4WtUZJoeZd8et ies4a22lFO4FHIHHh9BmoM6cWZBdbQLoS6HQahSRVLJq+t746dip0PZwXTaft93evcd1 prCffqQS9sBcqZBi/ibNpEZENyqHKc98kjrU03C5uHYIdF5fSeB//kjm5jzuTsIiG/ua JrWA== X-Received: by 10.68.68.205 with SMTP id y13mr16131485pbt.99.1443301085842; Sat, 26 Sep 2015 13:58:05 -0700 (PDT) Received: from [192.168.178.25] (88.221.47.163.dynamic.snap.net.nz. [163.47.221.88]) by smtp.gmail.com with ESMTPSA id ej3sm10781513pbd.13.2015.09.26.13.58.02 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 26 Sep 2015 13:58:04 -0700 (PDT) To: "perpass@ietf.org" From: Brian E Carpenter Organization: University of Auckland Message-ID: <560706D4.7030907@gmail.com> Date: Sun, 27 Sep 2015 09:57:56 +1300 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Subject: [perpass] Special keys let officials open any suitcase. What could go wrong? X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Sep 2015 20:58:07 -0000 http://www.economist.com/news/united-states/21665010-special-keys-let-officials-open-any-suitcase-what-could-go-wrong-locked-out TL;DR: RFC 1984 was right (and also applies to TSA locks). Brian From nobody Sat Sep 26 15:07:16 2015 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BDFD1A872B for ; Sat, 26 Sep 2015 15:07:14 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -4.311 X-Spam-Level: X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B1yB5EmO3MWi for ; Sat, 26 Sep 2015 15:07:12 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 98FB31A8725 for ; Sat, 26 Sep 2015 15:07:12 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 6B76DBE3E; Sat, 26 Sep 2015 23:07:10 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mRBSP-JP7YGa; Sat, 26 Sep 2015 23:07:07 +0100 (IST) Received: from [10.87.48.73] (unknown [86.46.31.32]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id DC15DBE35; Sat, 26 Sep 2015 23:07:06 +0100 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1443305227; bh=8riBthHKRQx/WBknqDmhBsOD02KKZjaaZ138DxqYgaU=; h=Subject:To:References:From:Date:In-Reply-To:From; b=ZdRwFFv1PeowkR23bb996yXTS33Y6tBnr+Y7HA1ZDhnMwlOaJqa3d57L+RCsLczUZ GioBlowJyjEKruhr80btQq1Z+TrQ8dx6T3rL6T5aN7/yMbio5aNHaPbBhLfLkuS/ZL QwWIPsuWmHMkEoHIHUR8fJJ+d/MA6bIicJUzGgEw= To: Brian E Carpenter , "perpass@ietf.org" References: <560706D4.7030907@gmail.com> From: Stephen Farrell Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url= Message-ID: <5607170A.6040901@cs.tcd.ie> Date: Sat, 26 Sep 2015 23:07:06 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 MIME-Version: 1.0 In-Reply-To: <560706D4.7030907@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Archived-At: Subject: Re: [perpass] Special keys let officials open any suitcase. What could go wrong? X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Sep 2015 22:07:14 -0000 On 26/09/15 21:57, Brian E Carpenter wrote: > http://www.economist.com/news/united-states/21665010-special-keys-let-officials-open-any-suitcase-what-could-go-wrong-locked-out > > TL;DR: RFC 1984 was right (and also applies to TSA locks). And BCP 200 is (not was) right as well:-) S > > Brian > > _______________________________________________ > perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass >