RIPA s 12(7)
Caspar Bowden (lists)
lists at casparbowden.net
Mon Jun 16 08:04:15 BST 2014
On 06/16/14 00:26, Peter Fairbrother wrote:
> On 12/06/14 12:20, Caspar Bowden (lists) wrote:
>> ....but a s.49 RIP order can require CSP to produce plaintext (or
>> key) to
>> any past (or future) data. If the key isn't available (e.g there is
>> client-side code) a recipient of a s.49 can be required to give all
>> co-operation necessary to have a defence.
>
> I'm beginning to wonder whether that last is actually true.
> ..
>
> Most specifically, you can't be forced to ask someone else for keys to
> which you only have conditional access to.
don't understand what you mean by "conditional"
>
>>
>> Wonder opinions if this sufficient for UK to (coercively) "do a
>> Hushmail" ? Or under Intel Services Act, or RIPA Pt.2 ?
>
> I'm not sure what you mean here.
http://www.wired.com/2007/11/encrypted-e-mai/
Actually I had forgotten that this case involved server-side extraction
of key (read above). This is obviously within RIP Pt.3 - I remain
worried about trying to find combo of UK powers which could coerce a
client-side attack (e.g. he provider has to inject back-doored
javascript code)
CB
More information about the ukcrypto
mailing list