The CALEA functions aren’t in the modem, they’re in the CMTS, the router the modems talk to/through at the head end. I’d expect similar demarcation with other access technologies, but they’re not my area.
I see this new requirement as an attempt, at least partially, to bring CPE (Customer Premises Equipment) into CALEA scope.
My take is they’ve made the network a more hostile environment, and elevated the need and justification to build a more resilient overlay layer of encrypted and obfuscated channels.
HTTPS, QUIC, DoT/DoH and such have been piecemeal attempts which make sense over a neutral network. An actively hostile environment needs to be treated as a dumb pipe, preferably one of many diverse paths.
The CALEA functions aren’t in the modem, they’re in the CMTS, the router the modems talk to/through at the head end. I’d expect similar demarcation with other access technologies, but they’re not my area.
I see this new requirement as an attempt, at least partially, to bring CPE (Customer Premises Equipment) into CALEA scope.
My take is they’ve made the network a more hostile environment, and elevated the need and justification to build a more resilient overlay layer of encrypted and obfuscated channels.
HTTPS, QUIC, DoT/DoH and such have been piecemeal attempts which make sense over a neutral network. An actively hostile environment needs to be treated as a dumb pipe, preferably one of many diverse paths.