Document: draft-baker-slem-architecture-02
Reviewer: Spencer Dawkins
Date: June 20, 2004

This document is specifically a description of Cisco's architecture
for lawful intercept, so "not an end run". It does seem to handwave
the problem of loss on the (f) interface, but does not "present an
incompatible change to IETF technologies as if it were compatible".

Notes for Fred/Chip:

- on page 4, "The fact that there are multiple intercepts should be
transparent to the LEAs" is just about impossible for me to grok -
does this mean that the LEA gets meaningful information even if two or
more conversations overlap? Or something else? I can make up an
interpretation, but I'm trying to read your minds.

(And, as long as I'm typing, I didn't see a requirement about when one
intercept target is talking to another intercept target - deliver one
intercept record? Two? Or something else?)

- Page 11 - I understand the point about a non-IP endpoint not having
abilities to traceroute, etc., but if the non-IP endpoint is planning
a bank heist with an IP endpoint, the accomplice does still have the
ability to traceroute. Would you say that the problem doesn't go away
unless both ends are non-IP?

- You guys already have a IESG note about 2804, but it probably should
be an informational reference, I would think.

Other that these comments - it's a well-thought-out and readable
architecture document. I wish they all were!

Spencer