On Wed, Jul 19, 2000 at 12:03:15PM +1000, Jamie Honan uttered:

> Its aim is to enable me to verify that I am who I say I am, thus
> requiring my 'profile' to be publicly available?

Your public key, yes.  But in this scheme it appears that the ATO are
generating the keys.  That means they can take a copy in escrow and
forge your signature.  I don't like that.

You can create a PKI without key escrow -- in fact that's what
asymmetric keys are all about.  What you do is generate your own key,
however you want to do that, and present the public key to a signing
authority (with appropriate identifying documentation, of course) who
then signs it.  People can verify the signature on your key against the
signer's public key and so on up the chain and make a decision about "do
I trust that this signer has followed their stated procedure of
verification".

There is enormous good that can come about from a solid,
government-supported PKI.  For starters it could make online credit card
orders non-repudiable if digital signatures are given the same force as
normal signatures.

The problem is that whenever the DSD gets involved, they start talking
"National Security" which means key escrow and no privacy.

> (Yes, who are sge and DSE? Any further reading you can recommend in
> this area?)

I meant DSD: Defence Signals Directorate.  They seem to be
running/coordinating this sge.net which looks like it'll run the secure
transaction systems for the ATO and probably other agencies.

Have a poke around online for references to the DSD.  In particular look
for references to Steve Orlowski of the Attorney-General's Department
who seems to be the main technical shaker and mover behind crypto issues
in this country.  He is also an outspoken proponent for key escrow and
reducing the public's access to strong crypto.

A good start, written by some anonymous EFA legend with a good grasp of
the issues:
http://www.efa.org.au/Issues/Crypto/crypto2.html

-- 
Rev Simon Rumble          Opinions expressed in this email may
[EMAIL PROTECTED]          not reflect those of the host brain.
http://www.rumble.net  


--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
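
The enrolment flow described in the message above (generate your own key, present only the public key to a signing authority, verify up the chain), as an added example that is not part of the original email. It uses the OpenSSL command-line tool; the subject names, file names and the two temporary directories standing in for the subscriber and the authority are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, constructed names. Requires the openssl command-line tool.
# Prints "verified" when a key generated by the subscriber, and certified by an
# authority that was only ever given the request, validates against the root.
enroll_without_escrow() (
  set -e
  user=$(mktemp -d) ca=$(mktemp -d)   # two parties, two separate directories
  trap 'rm -rf "$user" "$ca"' EXIT

  # Signing authority: its own key pair and self-signed root certificate.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Example Signing Authority" \
    -keyout "$ca/ca.key" -out "$ca/ca.crt" 2>/dev/null

  # Subscriber: the private key is generated here and stays here. The request
  # carries the name, the public key and a self-signature made with that key.
  openssl genrsa -out "$user/user.key" 2048 2>/dev/null
  openssl req -new -key "$user/user.key" -subj "/CN=Example Subscriber" \
    -out "$user/user.csr"

  # The request is the only file handed over. "x509 -req" checks its
  # self-signature before the authority signs the public key inside it.
  cp "$user/user.csr" "$ca/user.csr"
  openssl x509 -req -in "$ca/user.csr" -CA "$ca/ca.crt" -CAkey "$ca/ca.key" \
    -CAcreateserial -days 1 -out "$ca/user.crt" 2>/dev/null

  # Relying party: the chain validates against the authority's root, and the
  # certified public key is the one belonging to the subscriber's own key.
  openssl verify -CAfile "$ca/ca.crt" "$ca/user.crt" >/dev/null &&
    [ "$(openssl x509 -in "$ca/user.crt" -noout -pubkey)" = \
      "$(openssl pkey -in "$user/user.key" -pubout)" ] &&
    echo verified
)
```

In an escrowed scheme the first subscriber step would instead run on the authority's side, which is the point the message objects to.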
