On Mon, Oct 21, 2013 at 9:08 PM, Kelly John Rose <iam@kjro.se> wrote:
Legally rolling them would defeat the point of the request and thus likely out you in contempt.
this is probably true; also yet to be tested in court.
The only solution is to not have the private key itself available to you and design the system such that you don't need it to do the minimal job Adminning the server.
It's like having no logs. You can't give away something you don't have. The solution is to design the systems so Americans simply don't have access to the info being requested.
agreed; this does imply that some services (email!) are forever vulnerable and thus verboten. i agree with this as well, though there's lots of resistance to acceptance of this new reality...