RE: Scope of applicability for CUI



Well,

I am not against having non-opaque CUIs.

Regarding LEA. LEA is hard enough in one jurisdiction.  I wouldn't want to
guess or even try to understand what the ultimate solution for that problem
is.

The reason I didn't oppose having the other types of CUI is that I see no
harm in having them.



> -----Original Message-----
> From: Jari Arkko [mailto:jari.arkko@piuha.net] 
> Sent: Thursday, December 23, 2004 4:06 PM
> To: Avi Lior
> Cc: radiusext@ops.ietf.org
> Subject: Re: Scope of applicability for CUI
> 
> 
> Hi Avi,
> 
> Continuing the requirements discussion still for one
> part:
> 
> > Regarding legal interception:
> > 
> > Yes they may want certain CUI forms but Opaque may also suffice.  For
> > example, with Opaque values they may insist that the issuer of the
> > opaque CUI not reuse any of the values for six months. That is, they
> > may issue a new opaque value for an identity every month. But will
> > freeze the value for 6 months.
> > 
> > Then the law enforcement agency (LEA) can then issue a court order and
> > require that the issuer of the opaque value resolve it back to the
> > user identity.
> 
> If legal interception is a requirement, I'm not sure the
> above is sufficient. There are multiple organizations and 
> countries involved. If I am visiting in country X and they 
> want to intercept all my usage in that country, it does not 
> help if CUI indicates "1245@anisp.countryY" -- particularly 
> if X and Y don't want to reveal to each other who they are 
> tracking. From the point of view of the access network and 
> country X, it's much easier to just require cleartext CUIs...
> 
> (I'm just guessing that this might be one of the reasons
> why people want to have non-opaque CUIs. It would be good
> if someone could confirm this.)
> 
> --Jari
> 

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>