Hi Randy

Agreed and I'm not saying we should just hand everything over on a gold plate to LE. Bien we cannot just say no all the time, but should actually come up with solutions we feel are good or a good compromise.

I expect LE to understand our issues, but we should understand theirs

Best
Serge


On 10 April 2024 16:25:26 UTC, Randy Bush <randy@psg.com> wrote:
In a recent talk Jane Easterly said: "The private sector has promised
better security for yeas but has not delivered. This has to change".

was this not in the context of software and platform safety?  easterly
has been riding that hobby horse for a few years, and with serious
justification.

but i agree that the RIRs could be clearer in what they can and can not
do for LE.  and there needs to be a balance of visibility and privacy.
LE is always gonna want more; that's their job, and we need them.  but,
as jeff schiller said (in the ietf protocol design context) "Law
enforcement was not supposed to be easy.  Where it is easy, it's called
a police state."

randy

--
Dr. Serge Droz
Director, Forum of Incident Response and Security Teams
https://first.org