Phone Call Security

Bradley Hook bhook at
Tue Jun 5 01:40:33 CEST 2007

CALEA amd such impose mandates on communications providers, not end
users. In fact, one of the popular ideas floating around right now to
deal with the CALEA mandate is to simply tell all of your users to turn
on IPSEC, which is host-based, and then the feds can tap whatever they
want. CALEA (specifically) doesn't require that the communications
providers produce a way to use the information on a network, they are
simply required to give the feds access to everything flowing over the
network. If the network operator does not have the means to decrypt it,
 it's the feds problem (under present interpretations). Of course, for
this cop-out to work, the network operator really does need to avoid
controlling the means to decrypt stuff, specifically the private keys on
the PKI certificates.


Florent THIERY wrote:
> An option would be some kind of "push-to-talk" : record mp3, crypt
> mp3, PUT mp3 (on a webserver/scp) -- download mp3, decrypt, listen.
> I'm not sure this would circumvent the legislative context; for
> instance, is writing encrypted sms illegal ? (i mean, by hand...)
> Regards
> Florent
> _______________________________________________
> OpenMoko community mailing list
> community at

More information about the community mailing list