IETF Logo Mail Archive

RE: [Raven] BBC Online 10/2/2000: "Surveillance bill under fire"

janne.haikonen@nokia.com Fri, 11 February 2000 09:00 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id EAA02735 for <raven-archive@ietf.org>; Fri, 11 Feb 2000 04:00:30 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id DAA09601; Fri, 11 Feb 2000 03:44:45 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id DAA09573 for <raven@optimus.ietf.org>; Fri, 11 Feb 2000 03:44:43 -0500 (EST)
Received: from mgw-x2.nokia.com (mgw-x2.nokia.com [131.228.20.22]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA02655 for <raven@ietf.org>; Fri, 11 Feb 2000 03:46:11 -0500 (EST)
From: janne.haikonen@nokia.com
Received: from mgw-i1.ntc.nokia.com (mgw-i1.ntc.nokia.com [131.228.118.60]) by mgw-x2.nokia.com (8.9.3/8.9.3/o) with ESMTP id KAA28486; Fri, 11 Feb 2000 10:46:10 +0200 (EET)
Received: from esebh02nok.ntc.nokia.com (esebh02nok.ntc.nokia.com [131.228.118.151]) by mgw-i1.ntc.nokia.com (8.9.3/8.9.3) with ESMTP id KAA11073; Fri, 11 Feb 2000 10:46:08 +0200 (EET)
Received: by esebh02nok with Internet Mail Service (5.5.2650.10) id <DHY69WCK>; Fri, 11 Feb 2000 10:46:06 +0200
Message-ID: <6D1A8E7871B9D211B3B00008C7490AA501A82054@treis03nok>
To: raven@ietf.org, ukcrypto@maillist.ox.ac.uk
Subject: RE: [Raven] BBC Online 10/2/2000: "Surveillance bill under fire"
Date: Fri, 11 Feb 2000 10:46:03 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2650.10)
Content-Type: text/plain; charset="iso-8859-1"
Sender: raven-admin@ietf.org
Errors-To: raven-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Raven Discussion List <raven.ietf.org>
X-BeenThere: raven@ietf.org

> The prosecution must show that the person "has or has had" 
> possession of the key, but if you are claiming it has been 
> lost or forgotten, naturally that is conceded. If you do 
> claim it is lost or forgotten (or inaccessible), you
> can't just leave it at that, because the burden falls on you 
> to PROVE that in order to establish your defence.

 - Have they though about how exactly can one prove that he/she
has forgotten/lost some security token (e.g. password/phrase/key)?
 "Give us your passphrase."
 "Sorry, but I don't remember it."
 "Prove that!"
 "Err... you see.. err... I've just forgotten it.."

> If nothing at all is said (that can be used in evidence)...I 
> guess they DO have to show that the person has or has had 
> possession of they key (beyond reasonable doubt). Interesting - 
> that was not so in the July 99 E-Comms Bill.

 - That one is interesting too. If the LE can't decrypt your data
(i.e. they have no access to the key/knowledge of it), how can they 
prove that the key ever existed in the first place. You can always
claim that the file/communication was just garbage, and when they 
ask e.g. about some magic cookies or crypto signalling IEs that were 
present in your file/communication you can always act stupid and
claim that you have no knowledge of what you computer/terminal 
does behind your back...
Eh?

 Just my few cents,
Janne Haikonen

_______________________________________________
raven mailing list
raven@ietf.org
http://www.ietf.org/mailman/listinfo/raven

v2.23.0 | Report a Bug | By Email