Trustworthy contacts

[M J D Brown]

On Sat 09 Sep, David Hansen wrote, in part response to George Foot's
comment that public key methods have been enshrined in law as a basis
for a e-commerce framework before they have been tested in practice:
  
> Even if it was possible to make a secret key system work for e-
> commerce I am not the only person who would abhor such a system. The 
> idea that people should trust a "trusted" party to manage keys for 
> them goes back to the days when people knew their place and were 
> happy to be patronised by their betters.
 
I think that here you are possibly subscribing and objecting to the
commonly-held belief that "trusted" is an adjective applied to objects,
institutions, or people who somehow deserve our unverifi(ed)/(able)
belief in their competence, benevolence, and impartiality.  In the high
integrity systems environment that I (and doubtless other colleagues)
inhabit, the concept of "trust" implies no more than a systems element
whose integrity cannot be assured by external observation of its
behaviour whilst in operation.  Hence the importance placed in various
standards on formal validation of requirements and verification of
correct functioning of trusted components during project design and
implementation phases.
 
I, for one, would never trust (in the emotional sense) any commercial
system not to have a hidden agenda operating to my potential or actual
financial disadvantage.  On the other hand I would have a great deal of
trust (in the technical sense outlined above) in many of the products of
the fashionably-reviled government community; for example aircraft
autopilot control rules formulated by DERA (RAE Farnborough, as was).
 
Regards to all readers,
Mike.   
-- 
M J D Brown: Newhaven, Peterchurch, Herefordshire HR2 0RT, England