Educause Security Discussion mailing list archives

Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status

From: Alan Amesbury <amesbury () OITSEC UMN EDU>
Date: Fri, 14 Jul 2006 15:08:48 -0500

Rodney Petersen wrote:

Please excuse any cross-posting of this information.  However, I thought
that many of you might be interested in the announcement below that
includes an interpretation of the application of CALEA to institutions
of higher education after the ruling of the D.C. Court of Appeals.  The
key document introduced below is available at
http://www.educause.edu/ir/library/pdf/EPO0654.pdf

[snip]

From: educause [mailto:educause () EDUCAUSE EDU]
Sent: Thursday, July 13, 2006 4:55 PM
To: EMARKETING () LISTSERV EDUCAUSE EDU
Subject: [EDUCAUSECOPY] POLICY ALERT: College and University CALEA
Exemption Rests on Private Network Status

[snip]

"An institution should be exempt where it restricts the use of its

network to particular classes of users (e.g., students, faculty, and

administrators), and where the institution relies on a third party

(such as a commercial ISP or a regional network) to provide the

transmission and switching facilities used to route traffic to the

Internet, rather than self-supplying such facilities," the analysis

concludes.


I have to wonder how "transmission and switching facilities" are
defined, at least in the context of this document.  If an .EDU has a fat
pipe and a /16 provided by friendly.local.isp, then splits its /16 up
using its own switching and routing gear, does it now have to provide
all the intercept capabilities defined in CALEA?  What if it's an .EDU
who's got a narrower pipe with a /24 and uses some cheap managed
switches to segment traffic?  Both are arguably "transmission
facilities" and there's definitely some sort of switching going on.
Note that it doesn't touch on the myriad odd, remote installations that
I'm sure many/most of us have to service.  (Yes, I'll say it:  What of
NAT?  Does each Linksys WRT54G now need CALEA hooks?)


--
Alan Amesbury
(not speaking for the) University of Minnesota

Current thread:

POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Rodney Petersen (Jul 13)
- <Possible follow-ups>
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status David L. Wasley (Jul 13)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Jeffrey I. Schiller (Jul 13)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Alan Amesbury (Jul 14)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status Valdis Kletnieks (Jul 14)
- Re: POLICY ALERT: College and University CALEA Exemption Rests on Private Network Status George C. Russ (Jul 14)