Draft IP-Bill enters wrap-up phase

Adrian Midgley amidgley at gmail.com
Sat Jan 23 16:43:02 GMT 2016 

I suspect places where it is used may be a shorter list than those where it
is not.  I'm not convinced anyone in our local setup knows it exists.

On Sat, 23 Jan 2016, 17:19 Mark Lomas <ukcrypto at absent-minded.com> wrote:

> NHS Net mail has two different encryption mechanisms, one of which is
> end-to-end.
>
> If the users take no special measures then NHS Net mail encrypts between
> client and server, but messages are stored in clear on the server. That is
> not end-to-end.
>
> NHS Net mail also provides a PKI to support S/MIME, allowing end-to-end
> encryption. NHS policy is that any message containing two or more patient
> records must use this. They felt unable to mandate this for individual
> records because many NHS staff are incapable of using S/MIME. So, for
> example, hospital admissions should support S/MIME but an individual
> healthcare worker isn't required to.
>
> To complicate matters there is an authorisation list for S/MIME that needs
> to traverse the network boundary. That is to stop staff smuggling out
> sensitive data having first encrypted it. Staff who need to exchange
> encrypted messages with external parties have first to be added to the
> authorisation list.
>
> Mark
>
> p.s. I realise that not all NHS bodies follow the policy, but the
> mechanism is available to support end-to-end encryption.
>
>
>
> On 22 January 2016 at 00:38, Adrian Midgley <amidgley at gmail.com> wrote:
>
>> > thinking based on a mistaken impression that an iMessage has four ends:
>> sender/Apple/Apple/recipient,
>>
>> The NHS Net mail is persistently described as "end to end encrypted" when
>> it quite clearly is decrypted to store (perhaps being re-encrypted against
>> a key held for that server) on the central server, and then re-encrypted to
>> go to the recipient's compute.
>>
>> So the idea that there could be a persistent mistake about how many ends
>> there are in a a line isn't quite as daft as it might be.
>>
>> But no, I think it is simply saying whatever seems convenient, alas.
>>
>>
>>
>>
>>
>> On Thu, 14 Jan 2016 at 11:52 Roland Perry <lists at internetpolicyagency.com>
>> wrote:
>>
>>>
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20160123/1012dff6/attachment.html>

More information about the ukcrypto mailing list