[AusNOG] (Meta-)Data Retention

Jeremy Visser jeremy at visser.name
Tue Aug 5 18:22:51 EST 2014


On 5 Aug 2014, at 15:47, Matt Palmer <mpalmer at hezmatt.org> wrote:
>> (b) “Sure I have access to their router. Let me log on, grab the private
>> keys, and decrypt the VPN for you.”
> 
> If you're not enabling perfect forward secrecy on everything, or pushing
> customers to upgrade to equipment on which PFS can be enabled, you're being
> derelict in your duty to your customers.

Sure I enable PFS on all my customer routers, but I’m more thinking of the possibility of the feds asking me to neuter said protections.

Definitely something I’d have to discuss with a lawyer should the situation arise, at the risk of them getting cranky at the delay should the black van pull up outside the office.



More information about the AusNOG mailing list