Educause Security Discussion mailing list archives

[SECURITY]


From: Ben Marsden <bmarsden () SMITH EDU>
Date: Fri, 12 Jun 2015 12:07:40 -0400

Been a while since I looked at this, but agree with Mark's assessment. I
also agree with Kevin's sentiment, but with this caveat: pragmatically
parallel with compliance is nice, but technically in compliance can suck;
and I'd really rather NOT have some legal enforcement or 3-letter entity
telling me what compliance looks like if I can avoid it.  I'd also much
rather be affirmatively helpful than strong-armed coerced; or in other
words, act on a request (with legal's blessing) rather than compelled to
assist (at legal's insistence).  fwiw,

-- Ben

On Fri, Jun 12, 2015 at 10:17 AM, Kevin Wilcox <wilcoxkm () appstate edu>
wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 12/06/15 06:31, Berman, Mark wrote:

Bottom line, it's a lot easier to declare yourself exempt than to
spend money on hardware to try and comply. As far as I know this
has never been litigated and until it is and a judge says I'm
wrong, I'll stand on that opinion.

Considering the OTHER benefits you get from having a compliant
network, like being able to identify your users, accounting for each
system on the network, accounting for WHERE each system is on the
network, etc., I would argue that compliance with CALEA is a
side-effect of a well-designed network. If you're worried about what
you'll need to change to be CALEA-compliant, you're already losing in
other critical areas.

kmw
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)

iEYEARECAAYFAlV66gAACgkQsKMTOtQ3fKE3ZgCgoyIONFJitPYYTNq8Gu/lBfSo
XT4An0KeXh0spX4Kb2UTpICaJWHdKy5h
=5h+o
-----END PGP SIGNATURE-----




-- 
============================================
Ben Marsden : Information Security Director, CISSP/GISP
ITS, Stoddard Hall, Smith College, Northampton, MA 01063
bmarsden [at] smith [.] edu     413 [.] 585 [.] 4479
---------------------------------------------------------------------
=--> Any request to reveal your Smith password via email is fraudulent!
