R v.Lambert House of Lords and RIP reverse-burden-of-proof

Adrian Midgley Adrian Midgley" <akm at 92tr.freeserve.co.uk
Sat, 14 Jul 2001 15:08:39 +0100 

From: Owen Lewis <oml@eloka.demon.co.uk>

>> >flawed system. You would not be able to do this to me or to many
>> others,
>> >only to those who lay themselves open to this form of abuse.

>I get unsolicited enciphered mail I return it to sender. I get a
second I
>return it with a cease and desist message. A third and mail delivery
to me
>will be blocked.

But being a clever conspirator, surely you would in any case return
the mail which you had separately decrypted and read, so as to back up
your statement here and later that you had been unable to read it
since you did not have the key {Plod: prove it} and had never had the
key {Plod: just to assist us with the enquiries we are making into the
apparent sender of that message, sir, I'm sure you won't mind proving
you didn't have it.}

Cease and desist, yes of course.  At least it demonstrates to your
putative co-conspirator that you received the message...

And blocked.
It is technically possible to block email on the ISP mailserver
without reading the body, using IMAP or no doubt in other ways, but
can you {Plod asks} prove that you used that way, or are you in fact
downloading the mail to where your mail client can delete it, leaving
only the log files to contain the texts where they could be decrypted.

It is the demand in RIPA that all these things be proved, that seems
the problem, bearing in mind that in some jurisdictions, not this one
of course, the LEA might be more interested in causing trouble than
protecting you.

Enough of this experiment I think, I've found out two things about PGP
that I didn't fully appreciate before, and had the question of how
useful the proposed whole NHS and contacts PKI setup is going to be
raised.

it seems to me that firstly the purpose of the NHS PKI requires that
it is actually at least a national PKI, to include gov and patients,
and that in fact the number of organisations or even patients I
correspond with is quite manageable by the sort of bipolar crypto
streams you use.

In Exeter for instance there are 21 Practices, plus a few bits and
pieces, who deal with about 4 distinct laboratories all of which are
physically and logically within the perimeter of the Acute Trust.
For this end of Devon it is 75 practices, and no more than 4
hospitals.

I suspect the national arrangmenets of being a delaying tactic rather
than a clever plan, if there is any distinction between the two in teh
NHS administrata, and personally I'd be quite happy with a ssh session
to the lab computer.

--
Midgley