nanog mailing list archives
Re: SRv6
From: Łukasz Bromirski <lukasz () bromirski net>
Date: Mon, 21 Sep 2020 09:38:13 +0200
Mark,
On 20 Sep 2020, at 13:02, Mark Tinka <mark.tinka () seacom com> wrote: On 19/Sep/20 22:53, Valdis Kl ē tnieks wrote:Are there any actual countries heading that way? Seems like most of them insist they have the ability to snoop unencrypted traffic (where "crypto that has a baked-in back door" counts as unencrypted).Let's not give them a reason. The most I've heard (from Africa) is countries making requirements for nominated information to not be stored outside of the country, especially in the U.S, and parts of Europe. To some extent, this has pushed many of the cloud bags to become present in Africa so they can comply, although I'm not sure even sleeping with one eye open counts as being safe in that respect.
I believe right now the only country in the world with enforcing of crypto backdoors is Australia[1], which is kind-of crazy. OTOH, they had their own set of problems with massive Chinese intelligence penetration. And we have couple of countries like Russia, obviously China, Turkey(?) that insist or either having your data locally, dear content provider, or forbid your service to operate at all in given country. Apple, Amazon, Microsoft and Google of this world are on a different level of compliance here. As far as I know, in most of EU countries, inspecting payload of customer traffic is explicitly forbidden by telco laws. Ah, and there’s cooperation between US and EU about exchanging citizen data, which recently was stopped by EU once it become obvious, US was abusing that cooperation[2]. That can help potential malicious SP to cross-check and correlate user to content across continents. We’re living in interesting times. [1]. https://www.cyberscoop.com/australia-encryption-backdoors-law-passes/ [2]. https://www.wsj.com/articles/eus-top-court-restricts-personal-data-transfers-to-u-s-citing-surveillance-concerns-11594888385 -- Łukasz Bromirski CCIE R&S/SP #15929, CCDE #2012::17, PGP Key ID: 0xFD077F6A
Current thread:
- Re: SRv6, (continued)
- Re: SRv6 Valdis Klētnieks (Sep 19)
- Re: SRv6 Mark Tinka (Sep 20)
- Re: SRv6 Łukasz Bromirski (Sep 21)
- Re: SRv6 Mark Tinka (Sep 16)
- Re: SRv6 James Bensley (Sep 16)
- Re: SRv6 Randy Bush (Sep 16)
- Re: SRv6 Paul Timmins (Sep 16)
- Re: SRv6 James Bensley (Sep 18)
- Re: SRv6 Randy Bush (Sep 18)
- Re: SRv6 Tom Hill (Sep 21)
- Re: SRv6 Randy Bush (Sep 21)
- Re: SRv6 Tom Hill (Sep 21)
- Re: SRv6 James Bensley (Sep 21)