Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates
Joseph Lorenzo Hall <joe@cdt.org> Tue, 22 September 2015 11:49 UTC
Return-Path: <jhall@cdt.org>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E3EEB1A6EDB for <perpass@ietfa.amsl.com>; Tue, 22 Sep 2015 04:49:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.377
X-Spam-Level:
X-Spam-Status: No, score=-1.377 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OgnYoPkwG2WF for <perpass@ietfa.amsl.com>; Tue, 22 Sep 2015 04:49:12 -0700 (PDT)
Received: from mail-la0-x230.google.com (mail-la0-x230.google.com [IPv6:2a00:1450:4010:c03::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 997441A21C3 for <perpass@ietf.org>; Tue, 22 Sep 2015 04:49:11 -0700 (PDT)
Received: by lagj9 with SMTP id j9so8754673lag.2 for <perpass@ietf.org>; Tue, 22 Sep 2015 04:49:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cdt.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=zOLoebbJyng1EcHPXGG1/WHxarRp3i6ESjRusZZRwKg=; b=s+2JfLle5QKOtQBIXHmGfxFnNlpLlExvLl8lzepWWYPSHhKCjL5ej/rqgEtrngVaNw C7uuQ2bTEWuFgdKBZRIFlNBvY34xoAB/dGiJrTL4FL+XIWhCtva5RwpgE3ISJPU7GTre PQdiJKazP33kMZJ8UH882HqrejE+aeS7ME1ZE=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=zOLoebbJyng1EcHPXGG1/WHxarRp3i6ESjRusZZRwKg=; b=BUGv8TdUbgHmlHq9L6KSTto+N78x7xhW/Xxf7u9MA8qvKBRxbXWCysVGwcrFt4xmLs M9sUQoPCUuWI1dIoSAyB2laFWtasGC0tpsiHlBL+iJJP6y5AOUFiumOhSNLCwD7684OD m2Hu3NDAbVyFdUhCPFuinRMRBnFv35qSrBULp/0p8RzZqWgkppmBnJF0FyHi4LoDJ1Oc EttCPbsJrekXU0i5/0Sv+AbU0/r5r24U+fv6kiKB05SaUlw8VR+9UADwmRQ9lU2D4stk XIj6AlfOLF/yLQkNyYOVksBNnJKHD/zAek1QDY9NDotYWBSrJ2g0AhsuteldgZhdGpqQ OpHg==
X-Gm-Message-State: ALoCoQlySkX+hzL26u+TuqYu9eS9r7H1XeoR6HhgSouXBmnCeqWWbDZUoMIjCwEHR0fYva4QbrVf
MIME-Version: 1.0
X-Received: by 10.152.179.40 with SMTP id dd8mr9311652lac.119.1442922549205; Tue, 22 Sep 2015 04:49:09 -0700 (PDT)
Received: by 10.25.199.138 with HTTP; Tue, 22 Sep 2015 04:49:09 -0700 (PDT)
In-Reply-To: <F13C24AF-2A4F-426C-8600-AEC4CF4979E1@isoc.org>
References: <CABtrr-XSAmHEjKvHL_fThqmeWwiCNvz=8-TWhJOd5g895B+bNw@mail.gmail.com> <56003957.9020308@cs.tcd.ie> <F13C24AF-2A4F-426C-8600-AEC4CF4979E1@isoc.org>
Date: Tue, 22 Sep 2015 07:49:09 -0400
Message-ID: <CABtrr-WgBdkBFvzPSRjEPs1anX_kGoYZdAGUchbRiwxZGYXR9Q@mail.gmail.com>
From: Joseph Lorenzo Hall <joe@cdt.org>
To: Dan York <york@isoc.org>
Content-Type: multipart/alternative; boundary="001a113433eefbf68c0520549583"
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/R-vL7HhrDJjp0WpltRy6mae1aMw>
Cc: perpass <perpass@ietf.org>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: Re: [perpass] India withdraws encryption policy - Re: India posed to require cleartext, cleartext retention, cipher and backdoor mandates
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Sep 2015 11:49:14 -0000
I'm not so sure we should take comfort in their withdrawal of the policy as all reports are that they are revising and reissuing... We'll see what the next iteration involves! On Tuesday, September 22, 2015, Dan York <york@isoc.org> wrote: > There was a significant amount of public outcry yesterday within India and > the latest news is that the government of India is apparently withdrawing > the draft policy: > > > http://timesofindia.indiatimes.com/tech/tech-news/Government-withdraws-draft-of-encryption-policy/articleshow/49057232.cms > > Prior to that the government agency involved had already issued an update > saying that the draft policy would NOT apply to TLS in web commerce and > social media, messaging, etc. The update document seems to have been > removed, but is captured here by a news site: > > http://www.medianama.com/2015/09/223-india-draft-encryption-policy/ > > Dan > > On Sep 21, 2015, at 1:07 PM, Stephen Farrell <stephen.farrell@cs.tcd.ie > <javascript:_e(%7B%7D,'cvml','stephen.farrell@cs.tcd.ie');>> wrote: > > > Sheesh, there is so much wrong in that document. And they > top it off by recommending RC4. > > Does anyone know if this is a policy that is likely to be > enforced or one that'd be more honoured in the breach? > > S. > > On 21/09/15 17:45, Joseph Lorenzo Hall wrote: > > Obviously, of relevance to those that will be at the IAB MARNEW > workshop this week (although this isn't in any way specific to radio > networks). > > * Everyone (all individuals and businesses) using encryption must > store unencrypted content for 90 days > * Government will dictate algorithms and key sizes > * Possibility of a legally mandated backdoor > > Article from Daily Dot: > http://www.dailydot.com/politics/india-encryption-backdoors-draft-policy/ > > Text of the proposal (comments due 16 Oct.): > https://info.publicintelligence.net/IN-DraftEncryptionPolicy.pdf > > > > _______________________________________________ > perpass mailing list > perpass@ietf.org <javascript:_e(%7B%7D,'cvml','perpass@ietf.org');> > https://www.ietf.org/mailman/listinfo/perpass > > > -- > Dan York > Senior Content Strategist, Internet Society > york@isoc.org <javascript:_e(%7B%7D,'cvml','york@isoc.org');> > +1-802-735-1624 > Jabber: york@jabber.isoc.org > <javascript:_e(%7B%7D,'cvml','york@jabber.isoc.org');> > Skype: danyork http://twitter.com/danyork > > http://www.internetsociety.org/ > <http://www.internetsociety.org/deploy360/> > > > > -- Joseph Lorenzo Hall Chief Technologist Center for Democracy & Technology 1634 I ST NW STE 1100 Washington DC 20006-4011 (p) 202-407-8825 (f) 202-637-0968 joe@cdt.org PGP: https://josephhall.org/gpg-key fingerprint: 3CA2 8D7B 9F6D DBD3 4B10 1607 5F86 6987 40A9 A871
- [perpass] India posed to require cleartext, clear… Joseph Lorenzo Hall
- Re: [perpass] India posed to require cleartext, c… Stephen Farrell
- [perpass] India withdraws encryption policy - Re:… Dan York
- Re: [perpass] India withdraws encryption policy -… Stephen Farrell
- Re: [perpass] India withdraws encryption policy -… Joseph Lorenzo Hall
- Re: [perpass] India withdraws encryption policy -… Brian Trammell
- Re: [perpass] India withdraws encryption policy -… Hugo Maxwell Connery
- Re: [perpass] India withdraws encryption policy -… Stephen Farrell
- Re: [perpass] India withdraws encryption policy -… Michael Richardson
- Re: [perpass] India withdraws encryption policy -… Joseph Lorenzo Hall