I do have a volunteer from EFF...
I had mentioned that both VeriSign and Neustar have people that are
fluent in the
technical and general legal issues as well as the legal aspects. It
would seem to make more sense to solicit one of those organizations
since NANOG is about operations, and not politics. The EFF is a
political organization and these are not topics that make sense for
NANOG, IMHO, the list, the program, or a BoF.
Having the EFF explain CALEA at NANOG is like asking the Sierra Club
to identify good
sites for oil wells in forests.
Best,
-M<
Having the EFF explain CALEA at NANOG is like asking the Sierra Club
to identify good sites for oil wells in forests.
well, we have had the oil companies multiple times.
randy
Martin Hannigan wrote:
I had mentioned that both VeriSign and Neustar have people that are
fluent in the
technical and general legal issues as well as the legal aspects. It
would seem to make more sense to solicit one of those organizations
since NANOG is about operations, and not politics. The EFF is a
political organization and these are not topics that make sense for
NANOG, IMHO, the list, the program, or a BoF.
Having the EFF explain CALEA at NANOG is like asking the Sierra Club
to identify good
sites for oil wells in forests.
I took a look at EFF's CALEA FAQ at CALEA and they appear to have a pretty good handle on the technical issues. I can understand why VeriSign would prefer to leave EFF's viewpoint out of any discussion of CALEA, but I believe that VeriSign's perspective is just as political as EFF's. It's reasonable to think that VeriSign might employ people with better technical knowledge than EFF, but that doesn't mean that EFF's presentation would be less valuable than VeriSign's. Given their respective viewpoints (protecting individual rights and freedoms versus protecting corporate profits) maybe it would make sense to hear from both. Were EFF entirely clueless regarding the technical issues, I would agree that they should not be invited to NANOG, but that appears to not be the case.
The more I think about this, the more I think a refereed
boxing^h^h^h^h^h^hpanel discussion between representatives
from DHS, FBI, EFF, FCC, Verisign, Neustar, and ITU might
be a good approach to this.
Owen
Humor me.. but just where does ITU come into this whole mess?
The ITU itself is likely irrelevant. However, those who run ISPs across
either the left or right puddle are likely to be hit with CALEA-like issues
within the next few years, when their countries adopt similar laws. And those
who think the EU's stand on privacy of data will prevent a CALEA should
consider the sorts of data-retention proposals that are getting floated
over there.
Yes - the laws themselves are politics. Being able to install compliant
routers without breaking the budget is totally operational... 
Fully agree. But there's a bit more "system" about what's going on in
the EU, and stronger privacy safeguards. The Council of Europe
convention on cybercrime should be a good starting point, as should at
least some of the presos here:
http://www.itu.int/osg/spu/cybersecurity/pgc/2007/events/agenda.phtml
Look at Session 5, and the special post lunch session the council of
europe organized
The meeting was audiocast as well so if you dont mind running
realplayer you should be able to listen to the panels as well
Malcolm at LINX has a wealth of knowledge about the EU equivalents, retention policy and such on this site :
... http://publicaffairs.linx.net/news/