Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
When networks fail, hams to the rescue
Alliance to promote Windows-managed Macs in enterprise
Lockheed Martin gets $89 million to converge DoD distribution networks
Clothes don't make this man: Sweatshirt helps nail Citibank card scammer
Microsoft readies new try for Yahoo
Gartner: Seven cloud-computing security risks
Autonomy, Endeca rate among top enterprise search vendors
Barracuda countersues Trend Micro in patent case
Mozilla's Firefox 3 sets geeky world record
Microsoft SharePoint popularity comes with issues
IBM mainframe acquisition raises antitrust concerns
Diary of a deliberately spammed housewife
Report: Tech giants forming 'patent troll' alliance
Trojan lurks, waiting to steal admin passwords
California enacts cell-phone driving ban
/

IETF meeting: Wiretap debate full of static

Today's breaking news
Send to a friendFeedback

Advertisement:

By Carolyn Duffy Marsan
Network World Fusion, 11/11/99

In a surprising turn of events, the Internet engineering community last night sent a mixed message to its leadership regarding the development of protocols that would make it easier for law enforcement agencies to intercept communications over the 'Net.

The issue of whether a wiretapping capability should be built into the Internet has been the hottest topic at the Internet Engineering Task Force's 46th meeting this week. In the hallways of the Omni Shoreham Hotel and on the IETF's online mailing list, most of the arguments ran against the wiretapping proposal.

However, at a formal discussion held last night, a larger-than-expected number of IETF members made arguments in favor of creating protocols that support wiretapping. And in a vote taken at the end of the debate, more members abstained from voting on the issue than opposed it.

"Based on this vote, we would be foolish to rush to judgment,'' says Brian Carpenter, chair of the IETF's Internet Architecture Board and program director for Internet standards and technology at IBM. "We will put out a draft statement for comment on the mailing list, but it probably won't be out any time soon.''

The wiretapping proposal emerged from the IETF's work on protocols to support telephony over the Internet. A wiretapping capability is built into central office telephone switches, and various countries including the U.S. require carriers to intercept or report on communications at the request of government agencies. At issue is whether these requirements will apply to voice communications over the Internet.

The U.S. government has not asked the IETF to build a wiretapping capability into the Internet. However, there is an existing law -The Communications Assistance for Law Enforcement Act of 1994 (CALEA)-that requires carriers to have wiretapping capabilities built into the phone systems and fines them $10,000 per day if they don't comply. Carriers are afraid that CALEA will apply to voice over IP.

Several IETF members who work for companies that manufacturer telephone switches fear they won't be able to sell combined voice and data switches to carriers unless these switches support wiretapping. These members want to build wiretap support into a gateway protocol that converts voice traffic into Internet data packets.

"We're going to do wiretapping somewhere because it's the law and most of our customers want it,'' says Brian Rosen, an engineer with Fore Systems. Rosen argues that the IETF should get involved with wiretapping to ensure that it is done correctly. "It's easy to do the tap,'' he says. "It's hard to restrict what the tap can do.''

Tom Taylor, a Nortel Networks engineer who directs the IETF working group that first raised the wiretapping issue, says the debate is moot because any IP telephony system that supports conferencing and listen-only communications could be used for wiretapping. "The requirement to provide wiretapping will be satisfied automatically,'' he says.

Opponents of the proposal - including many network managers - argue that building a wiretapping capability into protocols will weaken the security of Internet applications.

"We do not know how to build a wiretap capability that's feasible for law enforcement and that does not significantly compromise people's security,'' says Keith Moore, applications area director for the IETF and a University of Tennessee employee.

Although a consensus was not reached at the IETF meeting, the group's leadership is under pressure to vote against the wiretapping proposal.

On Monday, more than 60 individuals and lobbying groups - including the IEEE, the Electronic Frontier Foundation, the Electronic Privacy Information Center and Computer Professionals for Social Responsibility - sent an open letter urging the IETF not to adopt new protocols or modify existing protocols to facilitate eavesdropping.

The letter cited concerns that any back door built into the Internet for legitimate law enforcement purposes could be exploited by hackers or repressive governmental regimes. The letter also points out that the IETF is not required to develop surveillance protocols and that doing so is inconsistent with the group's past activities. Furthermore, the letter states that surveillance protocols will not prevent crime because criminals will use end-to-end encryption to get around law enforcement wiretaps.

Building a wiretapping capability into the Internet "would harm network security, result in more illegal activities, diminish users' privacy, stifle innovation and impose significant costs on developers of communications,'' the letter states. "At the same time, it is likely that Internet surveillance protocols would provide little or no real benefit for law enforcement.''

Also urging the IETF to leave the wiretapping issue alone is Representative Bob Barr [R-Ga.], an opponent of CALEA. In a recent letter to IETF Chair Fred Baker, Barr asserts that building a wiretapping capability into the Internet would foster hacking, increase the government's demand for Internet surveillance and add costs to Internet-based products.

"Compliance costs could bring the development of exciting new Internet telephony products and services to a virtual standstill,'' Barr says. "I urge you to draw the line firmly and early by immediately rejecting any attempts to force a cumbersome, expensive and dangerous surveillance architecture on the Internet.''

RELATED LINKS

Contact Senior Editor Carolyn Duffy Marsan

Other recent articles by Marsan

Feedback
Tell us your thoughts on this article or the issues it raises.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.