Comments on: Infoporn: VeriSign NetDiscovery "Lawful Interception Service"

By: Bill_Owens

Bill_Owens — Wed, 30 Nov -0001 00:00:00 +0000

It’s an implementation of a CALEA “Trusted Third Party” service. Makes your ISP network CALEA-compliant without you having to worry about pesky things like subpoenas and network taps. Is CALEA a terrible thing? Is outsourcing your wiretapping wise? Dunno. But it doesn’t appear to be an FBI plot (at least, not as far as I can tell).

Bill.

By: Burz

Burz — Wed, 30 Nov -0001 00:00:00 +0000

I was struck by this fact when reading this Wired article just yesterday. It mentions in passing that VeriSign contracts as a wiretapper in addition to phone companies.

IMHO this sort of activity is possibly a deep, deep conflict interest and betrayal of trust for a certificate authority like VeriSign to be engaged in. I could be wrong but it seems likely that VeriSign could, with help from ISPs, use their position to stage man-in-the-middle attacks on unsuspecting users without prompting any certificate warnings.

Would someone with detailed background care to comment on this possibility?

By: Anonymous

Anonymous — Wed, 30 Nov -0001 00:00:00 +0000

Well now we know why Verisign always gets it’s contract to manage the DNS renewed.

By: Anonymous

Anonymous — Wed, 30 Nov -0001 00:00:00 +0000

As far as “the law” is concerned, do “lawful” and “legal” mean the same thing?

By: Anonymous

Anonymous — Wed, 30 Nov -0001 00:00:00 +0000

This is a design that many of the IP based phone carriers are utilizing instead of building the hugely expensive infrastructure to do it themselves. Verisign is not the only provider offering this service, there are several others and these products provide the compliance that companies like Vonage are required to maintain.

I have many customers who use these products but none of them have ever been served with warrants to tap their lines.