[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How evil is TLS cert collection?

> if EFF was presented with a national security letter
> or other legal demand under seal demanding the
> existence of a given certificate not be exposed,
> would they be bound to not present a MITM alert for
> that cert?
>> Leaving this for pde and/or Seth.
> It's a question for our legal team. I'll ask them.

From various side channels, I've been led to believe
that a certain portion of the legal community feels
that NSL's are not, in fact, legal/constitutional... and
they are awaiting a good test case before presenting
that question.

It would seem prudent for an ISP or node op to be quite
concerned about following any demand that was not
signed by a judge having jurisdiction... mostly to avoid
doing anything that could later become a criminal or
civil liability for them. Such as say installing and operating
a wiretap under the guise/authority of such an extrajudicial
letter or demand. For that reason alone, it would seem
wise to seek review of any such thing before blindly
producing or performing work.

Note also that federal, state and even most county
jurisdictions have 24hr judges on call, plus the FISA
court for particularly sensitive 'national security' issues.

ianal, call one :)
tor-talk mailing list