[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Securing Electronic Mail Within HMG



John Young wrote:
> 
> We have received from an anonymous source a document titled:
> 
> "Securing Electronic Mail Within HMG, Part I, Infrastructure 
> and Protocol." 21 March 1996.
> 
> From the Introduction:
> 
> "This document is the first part of CESG's recommendations for 
> securing electronic mail within HMG. The main objective of the 
> recommendations is to facilitate pan-government secure inter-
> operability of electronic mail, by simplifying the implementation 
> of secure electronic mail within government, ensuring secure 
> electronic mail between departments is possible, attempting to 
> facilitate future inter-operability with commercial users,
> maximising the use of commercial technology in a controlled manner,
> whilst allowing access to keys for data recovery or law enforcement 
> purposes if required."
> 
> Other sections describe:
> 
> 2. Authentication Framework
> 
> 3. Confidentiality Framework
> 
> 4. Security Protocol
> 
> The document refers to the Royal Holloway program for TTP critiqued 
> by Ross Anderson and others as "EuroClipper." Perhaps those with 
> more knowledge could make an assessment.
> 
> The document consists of 13 pages of text and diagrams, with 
> a few gaps.

This document is available on the Web, at:

http://www.xopen.org/public/tech/security/pki/casm/casm.htm

see also my "addendum" to Anderson & Roe's paper (which is actually a critique
of the above proposal, rather than RH itself) at:

http://www.algroup.co.uk/crypto/rh.html

Cheers,

Ben.

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: [email protected]
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author