"Independent Scheme Assurance Panel" report on ID cards published.

Peter Tomlinson ukcrypto at chiark.greenend.org.uk
Fri, 09 May 2008 09:04:03 +0100 

Crosby is about something directly useful to citizens, but the NIS is 
about something directly useful to government (and they hope indirectly 
useful to citizens in that by way of the NIS we should be able to root 
out the nasty people and thus improve British society) [1].

The ICO is also interested in something useful to citizens, which is why 
the WG on User-centric ID Management is operating (part of the 
Cyber-Security Knowledge Transfer Network thing, now run by BERR and 
Qinetiq www.cybersecurity-ktn.com).

Peter

[1] I wonder if that story about air-side airport workers not being 
fully checked for past bad behaviour, allegedly uncovered by Newsnight, 
was in fact a plant, aimed at encouraging us to support the fast track 
issuing of ID Cards to air-side workers, which of course will need 
proper investigation of their bona-fides (and it will result in the 
issuing of UK ID Cards to those who are already citizens of another EU 
country, and eResident cards for those who are third country nationals).

David Biggins wrote:
> Glad you like it...
>
> There's also this:
>
> http://www.hm-treasury.gov.uk/media/6/7/identity_assurance060308.pdf
>
>
> Challenges and opportunities
> in identity assurance
> By 
> Sir James Crosby
>
>
> Dave.
>
>
>
>
>
>
>
>
>
>
>
>  
>
>   
>> -----Original Message-----
>> From: ukcrypto-admin@chiark.greenend.org.uk 
>> [mailto:ukcrypto-admin@chiark.greenend.org.uk] On Behalf Of 
>> Peter Tomlinson
>> Sent: 08 May 2008 14:32
>> To: ukcrypto@chiark.greenend.org.uk
>> Subject: Re: "Independent Scheme Assurance Panel" report on 
>> ID cards published.
>>
>> David Biggins wrote:
>>     
>>> This is an official body tasked with monitoring the scheme, 
>>>       
>> and their 
>>     
>>> report makes fascinating reading...
>>>
>>> _http://www.ips.gov.uk/identity/downloads/ISAP_Annual_Report.pdf_
>>>
>>> And a "Plain English" translation of it here:
>>>
>>> _http://talk.guardian.co.uk/WebX?14@456.XJGMbkMrzyM@.77607ed8/61_
>>>
>>> Dave.
>>>       
>> Great stuff.
>>
>> Never has there been any sign of technical specifications, 
>> and never has there been any detailed 'requirement' (as 
>> required by EU procurement rules, including the ones that 
>> they are now using) seen, at least not in the public domain, 
>> not in the Chatham House Rule meetings that I have been to 
>> over several years, and not in the early stages of the NIS 
>> procurement programme [1]. They just are not designing this 
>> scheme, but are expecting it to come together with the help 
>> of suppliers (who, this time, because of the Act, will be 
>> culpable if it goes wrong) - that was the way we ran the Empire.
>>
>> It is actually possible to deisgn the scheme: other countries do it.
>>
>> Peter
>>
>> [1] The only area that has had significant in-house technical 
>> expertise has been biometrics.
>>
>>
>>
>>
>>
>>
>>     
>
>
>
>