URLs, IPs and interception
Ian Batten
ukcrypto at chiark.greenend.org.uk
Fri, 29 Feb 2008 22:52:57 +0000

On 29 Feb 2008, at 21:27, James Cox wrote:
> The ISP typically performs the name lookup... but that information
> is contained in the traffic it sends--

It's contained in DNS (port 53, client to recursive server in ISP)
traffic, but the ISP has no business seeing a single byte of the HTTP
traffic. I recall that back in the day some of the low-cost ISPs put
a transparent cache in front of their outbound links, but I think that
(a) isn't effective any more (I know our cache byte hit rate is
trivial to the point of pointlessness) and (b) that pre-dated RIPA.
Clive or Richard might know more --- Demon didn't do it, but I suspect
they've met people who did. Indeed, if I bought two ADSL connections
from two ISPs and slung all my DNS traffic down one and all my HTTP
down the other --- hardly rocket science to set up --- the HTTP ISP
has no business knowing anything about my traffic at all.

ian

> so there is a parallel to saying that BT shouldn't listen to
> conversations, the post office shouldn't read mail and your ISP
> shouldn't reconstruct your browsing / email history.