[ICA] Re: [LINK] Certified digital Post
lyalc@ozemail.com.au
Tue, 9 Oct 2001 11:55:02 +1000
And whether this initiative assists in any way with confidentiality/privacy requirements of transmitted information (vs identifying the source machine) as the amended Privacy Act will require from Dec 21 for a range of information across both the private and public sectors.
Lyal
>
> From: Roger Clarke <Roger.Clarke@xamax.com.au>
> Subject: [ICA] Re: [LINK] Certified digital Post
> Date: 09/10/2001 11:10:00
> To: link@www.anu.edu.au, ica@cmis.csiro.au,
> padvocacy@lists.efa.org.au (Privacy Advocacy E-List)
>
>
> "Rowe, Joshua" <Joshua.Rowe@auspost.com.au>
> >Australia Post Now Provides Face-To-Face Authentication For eSign Digital
> >Certificates
> >http://www.esign.com.au/press/2001/20011008.shtml
>
> I wonder whether the implementation complies with any of the
> requirements of a privacy-respectful PKI as defined in documents like:
>
>
> I wonder if it complies with any of the privacy requirements that are
> supposed to have been uttered by the almost-invisible government
> sub-committee that maybe still exists and maybe imposes some kind of
> control over Gatekeeper.
>
> I wonder if it commits the same unbelievable blunder that
> ATO/Baltimore does, by generating the key-pair in such a manner that
> someone other than the individual concerned has access to the private
> key. (To the extent that it does, it breaches the most fundamental
> of all principles of digital signature schemes).
>
> I wonder if it actually implements attribute certificates, and does
> so in a workable manner. These are critical if the delegations
> enjoyed by individual employees are to be communicated.
>
> I wonder if they've asked the employees and employee representative
> associations what they think about employees being required
> (presumably at pain of dismissal) to line up at the Post Office with
> a sheaf of documents, in order to be allowed to keep doing jobs like
> issuing purchase orders, or even sending emails to other government
> agencies.
>
> I wonder if they've noticed that X.509-based PKI is so riddled with
> deficiencies that it will continue to fail dismally, both technically
> and in the market:
> http://www.anu.edu.au/people/Roger.Clarke/II/ECIS2001.html
>
> I wonder if the sponsors have any reasonable grounds for believing
> that this attempt will be any less unsuccessful than the previous
> disaster, KeyPOST, 1997-99. (In fact, I wonder what differences
> there are between the two announcement notices, and the two schemes).
>
> I wonder why investors in IT don't read the criticisms that have
> accumulated during the aeons that X.509-based PKI has been around,
> getting nowhere, and gaining an increasingly bad smell.
>
> Sorry, but I'm in jet-lag, and grumpy about how naive people can be.
>
> --
> Roger Clarke http://www.anu.edu.au/people/Roger.Clarke/
>
> Xamax Consultancy Pty Ltd, 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
> Tel: +61 2 6288 1472, and 6288 6916
> mailto:Roger.Clarke@xamax.com.au http://www.xamax.com.au/
>
> Visiting Fellow Department of Computer Science
> The Australian National University Canberra ACT 0200 AUSTRALIA
> Information Sciences Building Room 211 Tel: +61 2 6125 3666