Identity-based public key cryptography

Adrian Midgley midgley at mednetics.org
Mon, 24 Dec 2001 11:40:04 +0000 

On Monday 24 December 2001 03:39, you wrote:

> I am also an avocate of publishing both the access permisions, threat
> model, protocols and algorithms well in advance of implementation, so t=
hey
> can be criticised, but this is probably against NHS policy.=20

It was difficult to get detail out particularly in advance back in the da=
ys=20
of the IMG, but there has been some progress and there is even a body of=20
opinion favouring open source development and implementation now.

Before going to the e-Envoy's office, Nigel Bell then CEO of the NHS=20
Information Authority started off the OSHCA conference by saying The NHS =
is=20
in favour of programs whose source code is open and published.

There is still plenty of FUD about, but we may be getting there.

As far as I am concerned, I've sorted out what use we have for encryption=
 of=20
records, and use it a bit.  For most of my colleagues and managers this i=
s=20
just rocket science and far to complex and boring for them to think about=
 . =20
For the specifiers and suppliers of record system software this represent=
s=20
another huge oppportunity to get lock-in, and to require hardware upgrade=
s=20
and new software and training - I favour a very incremental approach part=
ly=20
to avoid that.

I think the GNotary from GNUMed is probably a good solution to proving th=
at a=20
record has not been tampered with since notarisation.  The problem of mak=
ing=20
a transfer of a note credible seems trivial really - almost all of them c=
ome=20
form local colleagues and I never trust what is in the ones where I don't=
=20
know the person making the note anyway.  Having his signature key on it w=
ould=20
offer me no additiona information and no additional assurance of trust.

Most central calls for information have nothing to do with the management=
 of=20
a particular paitnet, they are efforts to calculate how many people with =
high=20
blood pressure have had it controlled adequately, and really do not need =
to=20
involve medical reocrds travelling over the wire, it should just be the=20
results of the queries.  THis is a hard concept to get across though.
--=20
=46rom one of the Linux desktops of Dr Adrian Midgley=20
http://www.defoam.net/            =20