nanog mailing list archives

Re: SRv6

From: Łukasz Bromirski <lukasz () bromirski net>
Date: Mon, 21 Sep 2020 09:38:13 +0200

Mark,

On 20 Sep 2020, at 13:02, Mark Tinka <mark.tinka () seacom com> wrote:



On 19/Sep/20 22:53, Valdis Kl ē tnieks wrote:

Are there any actual countries heading that way?  Seems like most of them insist
they have the ability to snoop unencrypted traffic (where "crypto that has a baked-in
back door" counts as unencrypted).


Let's not give them a reason.

The most I've heard (from Africa) is countries making requirements for nominated information to not be stored outside 
of the country, especially in the U.S, and parts of Europe. To some extent, this has pushed many of the cloud bags to 
become present in Africa so they can comply, although I'm not sure even sleeping with one eye open counts as being 
safe in that respect.


I believe right now the only country in the world with enforcing of crypto backdoors is Australia[1], which is kind-of 
crazy. OTOH, they had their own set of problems with massive Chinese intelligence penetration.

And we have couple of countries like Russia, obviously China, Turkey(?) that insist or either having your data locally, 
dear content provider, or forbid your service to operate at all in given country. Apple, Amazon, Microsoft and Google 
of this world are on a different level of compliance here. As far as I know, in most of EU countries, inspecting 
payload of customer traffic is explicitly forbidden by telco laws.

Ah, and there’s cooperation between US and EU about exchanging citizen data, which recently was stopped by EU once it 
become obvious, US was abusing that cooperation[2]. That can help potential malicious SP to cross-check and correlate 
user to content across continents.

We’re living in interesting times.

[1]. https://www.cyberscoop.com/australia-encryption-backdoors-law-passes/

[2]. 
https://www.wsj.com/articles/eus-top-court-restricts-personal-data-transfers-to-u-s-citing-surveillance-concerns-11594888385

-- 
Łukasz Bromirski
CCIE R&S/SP #15929, CCDE #2012::17, PGP Key ID: 0xFD077F6A

Current thread:

Re: SRv6, (continued)
- - - Re: SRv6 Mark Tinka (Sep 17)
    - Re: SRv6 mark seery (Sep 17)
    - Re: SRv6 Mark Tinka (Sep 17)
    - Re: SRv6 tim () pelican org (Sep 18)
    - Re: SRv6 Mark Tinka (Sep 18)
    - Re: SRv6 Wilco Baan Hofman (Sep 18)
    - Re: SRv6 mark seery (Sep 18)
    - Re: SRv6 Mark Tinka (Sep 19)
    - Re: SRv6 Valdis Klētnieks (Sep 19)
    - Re: SRv6 Mark Tinka (Sep 20)
    - Re: SRv6 Łukasz Bromirski (Sep 21)
    - Re: SRv6 Mark Tinka (Sep 16)
    - Re: SRv6 James Bensley (Sep 16)
    - Re: SRv6 Randy Bush (Sep 16)
    - Re: SRv6 Paul Timmins (Sep 16)
    - Re: SRv6 James Bensley (Sep 18)
    - Re: SRv6 Randy Bush (Sep 18)
    - Re: SRv6 Tom Hill (Sep 21)
    - Re: SRv6 Randy Bush (Sep 21)
    - Re: SRv6 Tom Hill (Sep 21)
    - Re: SRv6 James Bensley (Sep 21)

(Thread continues...)