Re: Mandatory encryption *is* theater

Such entities would have motivation to circumvent security regardless of
whether or not things are encrypted. That problem isn't technical-- it is
political.
In any case, the intent here is to negotiate for encryption, not security.
-=R


On Sun, Aug 25, 2013 at 1:52 PM, Poul-Henning Kamp <phk@phk.freebsd.dk>wrote:

> In message <CAP+FsNenAQvhoMMNmWj_hjjV9rrZPQT92pNGXaM3Kdm0T_bu=
> Q@mail.gmail.com>, Roberto Peon writes:
>
> >In any case, if you're doing the work of signing, why not just encrypt?
>
> Because signing wouldn't force Police-states intelligence services
> to break, weaken or circumvent any and all encryption, in order to
> comply with the mandate they were put under, by democratically
> elected politicians ?
>
> If you make encryption mandatory in HTTP/2.0, more of your tax-money
> will drain into NSA[1] ?
>
> Poul-Henning
>
> [1] The Guardian pegs the number at around 850.000 NSA employees
> and contractors:
>
> http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa
>
> --
> Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG         | TCP/IP since RFC 956
> FreeBSD committer       | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.
>

Received on Sunday, 25 August 2013 21:01:56 UTC