[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Securing Electronic Mail Within HMG
John Young wrote:
>
> We have received from an anonymous source a document titled:
>
> "Securing Electronic Mail Within HMG, Part I, Infrastructure
> and Protocol." 21 March 1996.
>
> From the Introduction:
>
> "This document is the first part of CESG's recommendations for
> securing electronic mail within HMG. The main objective of the
> recommendations is to facilitate pan-government secure inter-
> operability of electronic mail, by simplifying the implementation
> of secure electronic mail within government, ensuring secure
> electronic mail between departments is possible, attempting to
> facilitate future inter-operability with commercial users,
> maximising the use of commercial technology in a controlled manner,
> whilst allowing access to keys for data recovery or law enforcement
> purposes if required."
>
> Other sections describe:
>
> 2. Authentication Framework
>
> 3. Confidentiality Framework
>
> 4. Security Protocol
>
> The document refers to the Royal Holloway program for TTP critiqued
> by Ross Anderson and others as "EuroClipper." Perhaps those with
> more knowledge could make an assessment.
>
> The document consists of 13 pages of text and diagrams, with
> a few gaps.
This document is available on the Web, at:
http://www.xopen.org/public/tech/security/pki/casm/casm.htm
see also my "addendum" to Anderson & Roe's paper (which is actually a critique
of the above proposal, rather than RH itself) at:
http://www.algroup.co.uk/crypto/rh.html
Cheers,
Ben.
--
Ben Laurie Phone: +44 (181) 994 6435 Email: [email protected]
Freelance Consultant and Fax: +44 (181) 994 6472
Technical Director URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd, Apache Group member (http://www.apache.org)
London, England. Apache-SSL author