Re: [rtcweb] Use Case draft - Eavesdropping.

Harald Alvestrand <> Wed, 02 May 2012 13:40 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A4C6421F84F1 for <>; Wed, 2 May 2012 06:40:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -110.513
X-Spam-Status: No, score=-110.513 tagged_above=-999 required=5 tests=[AWL=0.086, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O8Z5ctr43GpR for <>; Wed, 2 May 2012 06:40:48 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 94BF321F85CE for <>; Wed, 2 May 2012 06:40:47 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id DE4BB39E089 for <>; Wed, 2 May 2012 15:40:46 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id DpvnDAxQF1C9 for <>; Wed, 2 May 2012 15:40:44 +0200 (CEST)
Received: from ( []) by (Postfix) with ESMTPSA id A9C8139E112 for <>; Wed, 2 May 2012 15:40:44 +0200 (CEST)
Message-ID: <>
Date: Wed, 02 May 2012 15:40:44 +0200
From: Harald Alvestrand <>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120412 Thunderbird/11.0.1
MIME-Version: 1.0
References: <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] Use Case draft - Eavesdropping.
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 02 May 2012 13:40:48 -0000

On 05/01/2012 04:14 PM, Cavigioli, Chris wrote:
> Wording needs to be clarified.
> - "Eavesdropping" has a negative connotation of someone inappropriately listening in to another communication.  This should not happen.
> - "Lawful intercept" is something telecom service providers are required to provide to law enforcement with all appropriate safeguards in place
> -chris
In fact the RAVEN RFC spent some time defining wiretapping:

    Wiretapping is what occurs when information passed across the
    Internet from one party to one or more other parties is delivered to
    a third party:

    1. Without the sending party knowing about the third party

    2. Without any of the recipient parties knowing about the delivery to
       the third party

    3. When the normal expectation of the sender is that the transmitted
       information will only be seen by the recipient parties or parties
       obliged to keep the information in confidence

    4. When the third party acts deliberately to target the transmission
       of the first party, either because he is of interest, or because
       the second party's reception is of interest.

    The term "party", as used here, can refer to one person, a group of
    persons, or equipment acting on behalf of persons; the term "party"
    is used for brevity.

    Of course, many wiretaps will be bidirectional, monitoring traffic
    sent by two or more parties to each other.

    Thus, for instance, monitoring public newsgroups is not wiretapping
    (condition 3 violated), random monitoring of a large population is
    not wiretapping (condition 4 violated), a recipient passing on
    private email is not wiretapping (condition 2 violated).

The call center case isn't wiretapping by RAVEN's definition, since 
conditions 1 and 2 don't hold.

Note also that chapter 4 of RAVEN is entitled "Why the IETF does not 
take a moral position".

> -----Original Message-----
> From: [] On Behalf Of Hutton, Andrew
> Sent: Tuesday, May 01, 2012 6:14 AM
> To: Ted Hardie;
> Subject: Re: [rtcweb] Use Case draft - Eavesdropping.
> Hi,
> A number of use cases within Draft-ietf-rtcweb-use-cases-and-requirements-07 contain the statement "It is essential that the communication cannot be eavesdropped" however there is no definition of what is actually meant by "eavesdropped" although I think we all have an idea of what it means.
> Maybe it would be better to replace these statements with something that refers to wiretapping and RFC 2804 (RAVEN) which actually has a definition of wiretapping.
> Regards
> Andy
>> -----Original Message-----
>> From: [] On
>> Behalf Of Ted Hardie
>> Sent: 27 April 2012 17:15
>> To:
>> Subject: [rtcweb] Use Case draft
>> The chairs would like to ask the working group to focus on the use
>> case draft.  If you have use cases that need to be added to the
>> document or text changes you'd like to suggest, please send them in
>> for discussion before May 15th.  After this round, we will look toward
>> having a working group last call on the document (hopefully before the
>> interim meeting).
>> regards,
>> Ted, Magnus, Cullen
>> _______________________________________________
>> rtcweb mailing list
> _______________________________________________
> rtcweb mailing list
> _______________________________________________
> rtcweb mailing list