Legislating for the Long Term?

Nicholas Bohm nbohm at ernest.net
Wed, 11 Mar 1998 09:11:00 +0000 

At 08:45 11/03/98 +0000, Ross Anderson wrote:
[snip]

>This raises the question of why governments should rush to get into
>the directory publishing business, just when they are trying to divest
>all their non-core assets. Directory publishers have done just fine
>for centuries and have never in the past been considered to be a core
>business of government. Surely this can't be the logical consequence
>of the invention of public key cryptography?

Motives are no doubt mixed, different internal empires of government having
different objectives and motives.  Part of it clearly rests on the
conviction that promoting CAs, TTPs etc is the only way for government to
get the sort of access to keys that it wants.

Part of it rests, less conspiratorially, on a very typical form of
communication failure between "technolgy" and "business".  Technology
analyses a business environment from theoretical first principles, reaches
tentative conclusions about business requirements, and builds them into a
system as assumptions.  Technology presents the design to business.
Business assumes that the assumptions made by technology are driven by deep
incomprehensible technical reasons which it wouldn't understand if it
asked, so it approves.  Technology believes that business has confirmed its
assumptions about business requirements.  So it goes in iterative cycles
until only the ship meeting the iceberg wakes everyone up.

I used to see this happening when I was technology partner of a large law
firm, and it wasn't at all easy to stop.  I think this process has driven
much of the third party infrastructure efforts.  Government encouragement,
some of it clearly for the wrong reasons, will do nothing to help bring in
some common sense.

	Regards,

		Nicholas Bohm

Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK

Phone		01279 870285	(+44 1279 870285)
Fax		01279 870215	(+44 1279 870215)
Mobile   	0860 636749  	(+44 860 636749)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF