[VOIPSEC] CALEA Enforcement
matt.harrigan at gmail.com
Sat May 6 05:59:44 BST 2006
The typical methodology for agencies like DOJ in terms of implementing
CALEA is to park their gear at COs / switching facilities. This way,
all traffic between voip subs and other voip subs, as well as voip sub
to pstn is accessible.
If customers encrypt at endpoints, it becomes very difficult for CALEA
tapping procedures to be effective, as they're so centered around a
model where customers don't have too much control of how they send
things. So much so that late in 04 / early 05 there were congressional
hearings around *onage, and the federal government's panic to tap
phones (first they had to figure out how to simply do voip).
Short answer - What happens is that DOJ gets pissed off, and the NSA
excercises their partnership with David Copperfield to magically
decrypt all your data. Then the easter bunny, santa claus, and Richard
Simmon's girlfriend hold a roundtable tribunal about what you said
over these calls and you end up in guantanamo bay. Or...not.
On 5/6/06, Gupta, Sachin <s-gupta2 at ti.com> wrote:
> I came across an article which mentions the enforcement of CALEA . Would
> this mean no end-to-end security ?
> How would any kind of legal intercept be possible if there is end-to-end
> security ?
> Voipsec mailing list
> Voipsec at voipsa.org
Matthew G. Harrigan
mobile email: mharrigan at tmail.com
More information about the Voipsec