sorry, but ...
igb at batten.eu.org
Wed Jul 25 12:23:57 BST 2012
On 25 Jul 2012, at 09:50, Roland Perry wrote:
> ps Am I right in saying that the proposed law voids one of the Data Retention Directive's alleged 'shortcomings' [although opinions vary] in that it only applies to classic POP3/SMTP/IMAP/etc email, and not to pages of HTML which happen to contain text from one person to another (eg webmail, but also the IM and 'status update' features of social networking are delivered both ways by HTML).
My impression is that not only is that an effect of the draft legislation, it's one of the main intents. You can look at an SMTP/POP3/IMAP exchange and easily distinguish between traffic data and content in a deterministic way (assuming envelope is traffic, body is content and headers are one or the other). But for webmail, there's an HTTP session taking place which contains no useful data at all, and then the content of the HTTP session is envelope, header and body mixed together in arbitrary ways. Being able to get at the traffic data aspects of a webmail service or other web-based communications system without requiring a home secretary warrant seems the main purpose of the legislation.
More information about the ukcrypto