> To those of you who can't decypher PGP - you can still be certain of
> the authenticity of this note because I've signed it with my public
> key.
>
> (available from my website....)

... because his key is signed by me, and my key is signed by the author
of PGP, Phil Zimmerman. This is called a certification chain.

A significant problem with how Zergo wants to do things is that the
certification chain would be taken over by the government, i.e. every
doctor's key would be signed by a `Trusted Third Party'. Leaked GCHQ
documents reveal that they planned to have this `Trusted Third Party'
administered by one of their own staff.

But doctors' keys should be able to be certified without reference to
outside authority, whether GCHQ or Phil Zimmerman. Our pointing this
out led to the recent press release stating that encryption systems
should `reflect the existing trust structures in clinical practice'.

The GCHQ programme now is to ensure that there is a single `Trusted
Third Party' even if it is under the nominal control of the GMC. One
centre would be cheaper to subvert that a diversity of them.

Interestingly, the NSA definition of `trust' is this: a trusted
system is one that can tracelessly break my security policy.

However, a single centre of trust will (thankfully) not work. Imagine
the kerfuffle if you have to ring up the GMC for fresh key material
every time you get a locum in for the day!

Experience elsewhere (e.g. banking) shows that you have to put the
trust management in the same place as the personnel management. That
means that each one of the 12,000 NHS provider organisations will have
to manage their own keys.

Ross


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%