W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2014

Re: HTTP/2 and Pervasive Monitoring

From: Greg Wilkins <gregw@intalio.com>
Date: Sat, 16 Aug 2014 09:23:16 +1000
Message-ID: <CAH_y2NGgUfYQ8SRu0oMaJF6xSKNZ-AXU7FPuMS4YJ7LdapUK4g@mail.gmail.com>
To: Poul-Henning Kamp <phk@phk.freebsd.dk>
Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
On 15 August 2014 22:34, Poul-Henning Kamp <phk@phk.freebsd.dk> wrote:

> Currently, they can run a filter which is essentially:
>
>         tcpdump -i all0 -w - | egrep -i "terrorist|bomb"
>

That kind of monitoring does take place,  but any *pervasive" monitoring of
that kind requires a warrant - or is illegal (and if illegal they can tap
into places that TLS will not help).

The type of *pervasive* monitoring that is legal and does take place widely
is

    tcpdump -i all0 -n | egrep "IP [0-9\.]* > IP.OF.KNOWN.NASTY"

This is not something that the protocol or TLS can fix.

cheers






-- 
Greg Wilkins <gregw@intalio.com>
http://eclipse.org/jetty HTTP, SPDY, Websocket server and client that scales
http://www.webtide.com  advice and support for jetty and cometd.
Received on Friday, 15 August 2014 23:23:45 UTC

This archive was generated by hypermail 2.3.1 : Monday, 9 September 2019 17:48:20 UTC