RIPA s 12(7)

Caspar Bowden (lists) lists at
Mon Jun 16 08:04:15 BST 2014

On 06/16/14 00:26, Peter Fairbrother wrote:
> On 12/06/14 12:20, Caspar Bowden (lists) wrote:
>> ....but a s.49 RIP order can require CSP to produce plaintext (or 
>> key) to
>> any past (or future) data. If the key isn't available (e.g there is
>> client-side code) a recipient of a s.49 can be required to give all
>> co-operation necessary to have a defence.
> I'm beginning to wonder whether that last is actually true.
> ..
> Most specifically, you can't be forced to ask someone else for keys to 
> which you only have conditional access to.

don't understand what you mean by "conditional"

>> Wonder opinions if this sufficient for UK to (coercively) "do a
>> Hushmail" ? Or under Intel Services Act, or RIPA Pt.2 ?
> I'm not sure what you mean here.

Actually I had forgotten that this case involved server-side extraction 
of key (read above). This is obviously within RIP Pt.3 - I remain 
worried about trying to find combo of UK powers which could coerce a 
client-side attack (e.g. he provider has to inject back-doored 
javascript code)


More information about the ukcrypto mailing list