[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Security Focus story
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Security Focus story
- From: "Alexander W. Janssen" <alexander.janssen@xxxxxxxxx>
- Date: Fri, 9 Mar 2007 09:16:53 +0100
- Delivered-to: email@example.com
- Delivered-to: firstname.lastname@example.org
- Delivered-to: email@example.com
- Delivery-date: Fri, 09 Mar 2007 03:17:03 -0500
- Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=hkY5Goy7pGbGzHHdkA+UNXQj5ry1ybVnkUSF4jWxd2ClHDMIiDqmt68Icsgdg3UbFQp3nEskVE/f/8hPN4O9xL6Y1ZNp/RtXpxgKPX49UeN6NfYFwhik0sxca05kSQ6qy6gd5ahWwU+nsB/LS1v6vT0mCizI60JmNDxS80otRzI=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=RaKijOFYwmXlHf7twMhbctSgA+AnWLMZSlYqhF37GmlG/L8WFzK1cFtYHpGPpR8jQT9/9tqHlkSzWQxF/qF+80C78YgSUb4Niee/v6YlOJ8EQf93IGRKVfV37/QHDHRSeUAYiLXUa/rOK/Dsc1XPjOHhzJoG06HZNlG1CDb8Wqw=
- In-reply-to: <20070309080320.GG31912@leitl.org>
- References: <45F0F110.firstname.lastname@example.org> <email@example.com> <20070309080320.GG31912@leitl.org>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On 3/9/07, Eugen Leitl <eugen@xxxxxxxxx> wrote:
On Fri, Mar 09, 2007 at 08:37:58AM +0100, Alexander W. Janssen wrote:
> If TOR would legally qualify as an ISP, we're in deep trouble.
We don't provide access to the Internet, and we're not charging
for it. Last time I looked the data retention laws also allowed
a loophole for very small providers.
I hope so, although I wonder how "small" will be defined. How would
you tell how many users your have on your TOR-node?
> Keyword: the upcoming data-retention laws in Europe.
Even if you ran a Tor node with logging, and you gave
BKA a slice for the time window they ask you for, that
would be quite useless.
No; the point is if you'd qualify as an "access provider" you need to
enable "relevant logging". ETSI already defined interfaces and
data-sets which would come quite handy.
But I agree with you: The law isn't here yet.
"I am tired of all this sort of thing called science here... We have spent
millions in that sort of thing for the last few years, and it is time it
should be stopped."
-- Simon Cameron, U.S. Senator, on the Smithsonian Institute, 1901.