[VOIPSEC] CALEA Enforcement
Karthik Srinivasan
karsrini1973 at yahoo.com
Sun May 7 21:52:48 CDT 2006
The order has targeted the telecom carriers. But what about providers like Vonage or services like Skype. If someone is "on the wall" as far as the law is concerned, they may as well use these services and escape any intercept.
Geoff Devine <gdevine at cedarpointcom.com> wrote:
If you look at standards bodies like 3GPP and TISPAN, the EU is
certainly treating lawful intercept as a core requirement for VoIP
networks. The US requirement that all service providers offer the
equivalent of J-STD-025 call content and call detail also exists in ETSI
documents. Class 5 offices have been required to support lawful
intercept for years. That requirement is now being pushed to edge
devices like media gateways, CMTSs, DSLAMs, and edge routers. Not only
is it feasible, but it's already implemented in North America for all
the voice over cable deployments (approaching 3 million VoIP lines and
growing exponentially).
PacketCable uses an SDESCRIPTIONS-like key exchange where the media
keying is passed in the clear within the SDP. Call signaling is
encrypted between the client device and the walled garden. It's more
secure than today's telephone network since you have to be at the cable
head end (inside the walled garden) to see decrypted signaling traffic.
With a butt set, I can listen in on any analog phone line by tapping in
anywhere on the copper loop.
Geoff Devine
Chief Architect
Cedar Point Communications
----------------------------------------------------------------------
Date: Sat, 6 May 2006 14:29:53 +0200
From: "Voiceline"
Subject: Re: [VOIPSEC] CALEA Enforcement
To: "Gupta, Sachin" ,
Message-ID: <000f01c67108$c70d1c00$0b01a8c0 at patrick>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
The fourth order: "call-identifying information" and "call content
information"
Call content information is taking it to fare in my opinion (Not even
getting in to the "protecting subscriber privacy" issue), the ISP would
have
to store all the content of all calls, not feasible in any practical
sense.
The EU is seemingly not taking it that fare, only call-identifying
information is on the table, "at the moment"...
/Patrick
----- Original Message -----
From: "Gupta, Sachin"
To:
Sent: Friday, May 05, 2006 10:33 PM
Subject: [VOIPSEC] CALEA Enforcement
>I came across an article which mentions the enforcement of CALEA .
Would
> this mean no end-to-end security ?
> How would any kind of legal intercept be possible if there is
end-to-end
> security ?
>
> http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-265221A1.pdf
>
> Sachin
_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org
---------------------------------
How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates.
More information about the Voipsec
mailing list