 |
About Me | |
|
|
Background | |
|
|
Policy Analysis | |
|
|
Organisations | |
|
|
Cryptography | |
|
|
Technology | |
|
|
Cryptography | |
|
|
Computing | |
|
|
Mathematics | |
|
|
Papers | |
LICENSING OF TRUSTED THIRD PARTIES FOR THE PROVISION OF ENCRYPTION SERVICES
I have been running a survey of views on the proposals contained in the paper recently published by the Department of Trade and Industry on the licensing of Trusted Third Parties offering encryption services. The results are summarised in the following tables.
| Question | Yes | No |
|---|---|---|
| Do you think that the government has a case for the legislation which it is proposing without providing further supporting evidence? | 2% | 90% |
| Do you think that the government may have a case if it can provide further evidence in support of this? | 34% | 57% |
| Do you think that the Minister's Forward gives adequate weight to privacy needs? | 0% | 93% |
| Do you think that enough time has been allocated for comment? | 5% | 88% |
| Are privacy issues given sufficient attention in this paper? | 0% | 93% |
| Do you support the proposals in respect of communications | 3% | 95% |
| Do you support the proposals in respect of stored data | 0% | 97% |
| Do you agree that the government should give an unequivocal undertaking NOT to strengthen or extend existing export controls on non-TTP based encryption products and services? | 88% | 6% |
| Do you agree that the government should give an unequivocal undertaking NOT to introduce any controls on the development, sale or use of encryption products intended for the UK domestic market? | 90% | 6% |
| The original proposals issued in June 1996 contained an explicit undertaking that it was not the government's intention to regulate or in any way control the use of encryption by private citizens in the UK. This undertaking is now missing. Do you think that the government needs to re-introduce this undertaking? | 94% | 4% |
| To remove suspicions that it is engaged in 'creeping legislation' the government should explain how its proposals can meet its stated objectives without taking the additional step of controlling the availability and use of encryption products within the UK. | 91% | 3% |
| Considering the provision of each of the following TTP services, please indicate your preference for the end user choices which the government should allow | Licensed Only |
Unlicensed Only |
Choice
of Either |
|---|---|---|---|
| Confidentiality Key Management (Generation, Storage, Distribution and Revocation) | 7% | 4% | 82% |
| Signature Key Management (Generation, Storage, Distribution and Revocation) | 8% | 3% | 82% |
| Public Key Certification | 7% | 5% | 82% |
| Electronic Notary Services (e.g. Timestamping) | 6% | 16% | 76% |
| Strongly Agree | Agree | Neutral | Disagree | Strongly Disagree | |
|---|---|---|---|---|---|
| The governments proposals are broadly acceptable | 0% | 0% | 5% | 13% | 78% |
| I understand the risks of unlicensed TTP services but I should be free to choose which services I use in a free market involving both licensed and unlicensed services | 76% | 18% | 3% | 0% | 1% |
| The government should not seek to dictate who I am allowed to trust and who I am not | 88% | 9% | 0% | 0% | 1% |
| The objectives of the government go beyond those which are being openly stated. They are, for example, trying to control the availability of encryption for private use in the UK | 71% | 22% | 4% | 0% | 0% |