Re: [rtcweb] Use Case draft - Eavesdropping.

[Harald Alvestrand <harald@alvestrand.no>]

On 05/01/2012 04:14 PM, Cavigioli, Chris wrote:
> Wording needs to be clarified.
> - "Eavesdropping" has a negative connotation of someone inappropriately listening in to another communication.  This should not happen.
> - "Lawful intercept" is something telecom service providers are required to provide to law enforcement with all appropriate safeguards in place http://en.wikipedia.org/wiki/Lawful_interception
> -chris
In fact the RAVEN RFC spent some time defining wiretapping:

    Wiretapping is what occurs when information passed across the
    Internet from one party to one or more other parties is delivered to
    a third party:

    1. Without the sending party knowing about the third party

    2. Without any of the recipient parties knowing about the delivery to
       the third party

    3. When the normal expectation of the sender is that the transmitted
       information will only be seen by the recipient parties or parties
       obliged to keep the information in confidence

    4. When the third party acts deliberately to target the transmission
       of the first party, either because he is of interest, or because
       the second party's reception is of interest.

    The term "party", as used here, can refer to one person, a group of
    persons, or equipment acting on behalf of persons; the term "party"
    is used for brevity.

    Of course, many wiretaps will be bidirectional, monitoring traffic
    sent by two or more parties to each other.

    Thus, for instance, monitoring public newsgroups is not wiretapping
    (condition 3 violated), random monitoring of a large population is
    not wiretapping (condition 4 violated), a recipient passing on
    private email is not wiretapping (condition 2 violated).

The call center case isn't wiretapping by RAVEN's definition, since 
conditions 1 and 2 don't hold.

Note also that chapter 4 of RAVEN is entitled "Why the IETF does not 
take a moral position".

>
> -----Original Message-----
> From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On Behalf Of Hutton, Andrew
> Sent: Tuesday, May 01, 2012 6:14 AM
> To: Ted Hardie; rtcweb@ietf.org
> Subject: Re: [rtcweb] Use Case draft - Eavesdropping.
>
> Hi,
>
> A number of use cases within Draft-ietf-rtcweb-use-cases-and-requirements-07 contain the statement "It is essential that the communication cannot be eavesdropped" however there is no definition of what is actually meant by "eavesdropped" although I think we all have an idea of what it means.
>
> Maybe it would be better to replace these statements with something that refers to wiretapping and RFC 2804 (RAVEN) which actually has a definition of wiretapping.
>
> Regards
> Andy
>
>
>
>
>> -----Original Message-----
>> From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On
>> Behalf Of Ted Hardie
>> Sent: 27 April 2012 17:15
>> To: rtcweb@ietf.org
>> Subject: [rtcweb] Use Case draft
>>
>> The chairs would like to ask the working group to focus on the use
>> case draft.  If you have use cases that need to be added to the
>> document or text changes you'd like to suggest, please send them in
>> for discussion before May 15th.  After this round, we will look toward
>> having a working group last call on the document (hopefully before the
>> interim meeting).
>>
>> regards,
>>
>> Ted, Magnus, Cullen
>> _______________________________________________
>> rtcweb mailing list
>> rtcweb@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtcweb
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
>