[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How evil is TLS cert collection?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How evil is TLS cert collection?
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Fri, 25 Mar 2011 03:11:58 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 25 Mar 2011 03:12:14 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=9trNv1o9lCBCBf+aSI/Ke1JlixRWL2SzwanUXhYmjV8=; b=s3B5P2OO3Y7sZrzZ1LZlVOXAO/YcANxDQA+cniiGGDces2D7XJc+odYRLDBXeW2Ua6 vo39qEaAXkrc/gw7obnEp+SGZ4nxkf/T4rTSybDMiUC2wWCTK9eism7u0QouhDdyaR4U fAlNEg5dVF3UFx/FJFPUGXvG42E47fNI546hs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=ogH1pJALLe1Colu8O9obYFD5OBjvq+R2S/qIZw9JIY2N4ALgTsTLTAAqw7pKtqnGXv 4hqyWvtZTtLDdza757XZz1QAheVWBRLWF0pEJOojtuJbpNNAuTBdSvd0977qF2HsCNaJ wMz630p69pvOT8N0nkYUSr1YU6WzxVLaKltCw=
In-reply-to: <4D87BE7F.9000902@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <20110321005806.GA15548@xxxxxxxxxx> <AANLkTikFNLWruSHwOKrgk4ZyAN9tfnkr9+Zb0PUVRqOm@xxxxxxxxxxxxxx> <20110321030544.GE25753@xxxxxxxxxx> <4D87BE7F.9000902@xxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

> if EFF was presented with a national security letter
> or other legal demand under seal demanding the
> existence of a given certificate not be exposed,
> would they be bound to not present a MITM alert for
> that cert?
>> Leaving this for pde and/or Seth.
> It's a question for our legal team. I'll ask them.

From various side channels, I've been led to believe
that a certain portion of the legal community feels
that NSL's are not, in fact, legal/constitutional... and
they are awaiting a good test case before presenting
that question.

It would seem prudent for an ISP or node op to be quite
concerned about following any demand that was not
signed by a judge having jurisdiction... mostly to avoid
doing anything that could later become a criminal or
civil liability for them. Such as say installing and operating
a wiretap under the guise/authority of such an extrajudicial
letter or demand. For that reason alone, it would seem
wise to seek review of any such thing before blindly
producing or performing work.

Note also that federal, state and even most county
jurisdictions have 24hr judges on call, plus the FISA
court for particularly sensitive 'national security' issues.

ianal, call one :)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] How evil is TLS cert collection?
  - From: Mike Perry
- Re: [tor-talk] How evil is TLS cert collection?
  - From: coderman
- Re: [tor-talk] How evil is TLS cert collection?
  - From: Mike Perry
- Re: [tor-talk] How evil is TLS cert collection?
  - From: Chris Palmer

Prev by Author: [tor-talk] Better MAPADDRESS [was: FB/Yahoo]
Next by Author: Re: [tor-talk] How evil is TLS cert collection?
Previous by thread: Re: [tor-talk] How evil is TLS cert collection?
Next by thread: Re: [tor-talk] How evil is TLS cert collection?
Index(es):
- Author
- Thread