[Patient] DOJ first on encryption services

Tony Rutkowski <tony@yaanatech.co.uk> Sun, 18 March 2018 11:20 UTC

Return-Path: <tony@yaanatech.co.uk>
X-Original-To: patient@ietfa.amsl.com
Delivered-To: patient@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 299781243FE for <patient@ietfa.amsl.com>; Sun, 18 Mar 2018 04:20:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i3lwhJ7DZUJt for <patient@ietfa.amsl.com>; Sun, 18 Mar 2018 04:20:09 -0700 (PDT)
Received: from uk-www1.yaanatech.uk (uk-www1.yaanatech.uk [46.20.116.155]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE19F1242F5 for <patient@ietf.org>; Sun, 18 Mar 2018 04:20:08 -0700 (PDT)
Received: from [192.168.1.53] (pool-70-106-194-121.clppva.fios.verizon.net [70.106.194.121]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by uk-www1.yaanatech.uk (Postfix) with ESMTPSA id B07C7540231; Sun, 18 Mar 2018 11:20:05 +0000 (GMT)
From: Tony Rutkowski <tony@yaanatech.co.uk>
Reply-To: tony@yaanatech.co.uk
To: Brian Witten <brian_witten@symantec.com>
Cc: "patient@ietf.org" <patient@ietf.org>
Organization: Yaana Limited
Message-ID: <02be9028-a8fd-f527-826b-5361de1470ce@yaanatech.co.uk>
Date: Sun, 18 Mar 2018 07:20:04 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/patient/PrOTW6YqyNf1RfsMZ_dxH0YV7pM>
Subject: [Patient] DOJ first on encryption services
X-BeenThere: patient@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Protecting against Attacks Tunneling In Encrypted Network Tunnels <patient.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/patient>, <mailto:patient-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/patient/>
List-Post: <mailto:patient@ietf.org>
List-Help: <mailto:patient-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/patient>, <mailto:patient-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Mar 2018 11:20:10 -0000

Hi Brian,

https://www.justice.gov/usao-sdca/pr/chief-executive-and-four-associates-indicted-conspiring-global-drug-trafficker

This action announced on Thursday by the US Attorney's office is a 
first.  It suggests the US Feds will be going after companies who cater 
to the wrong customers with encryption services.

It seems likely that most countries, providers, and enterprises will 
simply block or degrade TLS 1.3, QUIC, and other pervasive encryption 
protocols. However, there will always be outliers who will take the risk.

This DOJ action (and likely clones elsewhere in the world) adds some 
greater risk to the equation when the provider fails to undertake due 
diligence on the uses being undertaken by the customers running TLS 1.3 
and QUIC servers.  Where the customer is using the technology to evade 
law enforcement, including DCMA strictures, the provider may find 
themselves complicit through criminal or civil proceedings.

--tony

ps. They probably will not come after those developing the standards, 
but then the IESG probably has sufficient liability insurance courtesy 
of ISOC to handle litigation costs and fines.