[ICA] Re: [LINK] Certified digital Post
Tue, 9 Oct 2001 11:55:02 +1000
And whether this initiative assists in any way with confidentiality/privacy requirements of transmitted information (vs identifying the source machine) as the amended Privacy Act will require from Dec 21 for a range of information across both the private and public sectors.
> From: Roger Clarke <Roger.Clarke@xamax.com.au>
> Subject: [ICA] Re: [LINK] Certified digital Post
> Date: 09/10/2001 11:10:00
> To: email@example.com, firstname.lastname@example.org,
> email@example.com (Privacy Advocacy E-List)
> "Rowe, Joshua" <Joshua.Rowe@auspost.com.au>
> >Australia Post Now Provides Face-To-Face Authentication For eSign Digital
> I wonder whether the implementation complies with any of the
> requirements of a privacy-respectful PKI as defined in documents like:
> I wonder if it complies with any of the privacy requirements that are
> supposed to have been uttered by the almost-invisible government
> sub-committee that maybe still exists and maybe imposes some kind of
> control over Gatekeeper.
> I wonder if it commits the same unbelievable blunder that
> ATO/Baltimore does, by generating the key-pair in such a manner that
> someone other than the individual concerned has access to the private
> key. (To the extent that it does, it breaches the most fundamental
> of all principles of digital signature schemes).
> I wonder if it actually implements attribute certificates, and does
> so in a workable manner. These are critical if the delegations
> enjoyed by individual employees are to be communicated.
> I wonder if they've asked the employees and employee representative
> associations what they think about employees being required
> (presumably at pain of dismissal) to line up at the Post Office with
> a sheaf of documents, in order to be allowed to keep doing jobs like
> issuing purchase orders, or even sending emails to other government
> I wonder if they've noticed that X.509-based PKI is so riddled with
> deficiencies that it will continue to fail dismally, both technically
> and in the market:
> I wonder if the sponsors have any reasonable grounds for believing
> that this attempt will be any less unsuccessful than the previous
> disaster, KeyPOST, 1997-99. (In fact, I wonder what differences
> there are between the two announcement notices, and the two schemes).
> I wonder why investors in IT don't read the criticisms that have
> accumulated during the aeons that X.509-based PKI has been around,
> getting nowhere, and gaining an increasingly bad smell.
> Sorry, but I'm in jet-lag, and grumpy about how naive people can be.
> Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
> Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
> Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke@xamax.com.au http://www.xamax.com.au/
> Visiting Fellow Department of Computer Science
> The Australian National University Canberra ACT 0200 AUSTRALIA
> Information Sciences Building Room 211 Tel: +61 2 6125 3666