> To those of you who can't decipher PGP - you can still be certain of
> the authenticity of this note because I've signed it with my public
> key.
>
> (available from my website....)

... because his key is signed by me, and my key is signed by the author of PGP, Phil Zimmermann. This is called a certification chain.

A significant problem with how Zergo wants to do things is that the certification chain would be taken over by the government, i.e. every doctor's key would be signed by a `Trusted Third Party'. Leaked GCHQ documents reveal that they planned to have this `Trusted Third Party' administered by one of their own staff.

But doctors' keys should be able to be certified without reference to outside authority, whether GCHQ or Phil Zimmermann. Our pointing this out led to the recent press release stating that encryption systems should `reflect the existing trust structures in clinical practice'.

The GCHQ programme now is to ensure that there is a single `Trusted Third Party' even if it is under the nominal control of the GMC. One centre would be cheaper to subvert than a diversity of them. Interestingly, the NSA definition of `trust' is this: a trusted system is one that can tracelessly break my security policy.

However, a single centre of trust will (thankfully) not work. Imagine the kerfuffle if you have to ring up the GMC for fresh key material every time you get a locum in for the day! Experience elsewhere (e.g. banking) shows that you have to put the trust management in the same place as the personnel management. That means that each one of the 12,000 NHS provider organisations will have to manage their own keys.

Ross