Draft IP-Bill enters wrap-up phase

Roger Hayter roger at hayter.org
Sun Jan 24 17:56:41 GMT 2016

On 24 Jan 2016, at 15:27, Roland Perry <lists at internetpolicyagency.com> wrote:

> In article <D8889865-1033-46F4-82B6-50EDF78D7AFE at hayter.org>, Roger Hayter <roger at hayter.org> writes
>> AMI, how are the keys for end-to-end users supplied?
> Is this relevant (I don't know for sure, but as someone formerly practising in Wales maybe you have some inside track):
> http://www.wales.nhs.uk/pearsrc/digitial_certificate_setup.pdf
> -- 
> Roland Perry

I was never important enough to be advised to do such a thing. It does seem remarkably simple, but raises more questions.  Does it use the same SSL libraries as used for encrypted web sites?  If Thawte issue a certificate which you then use, does this potentially give them a way into your encrypted information or not?  And is this the same system the English NHS use for end-to-end encryption?  It would seem to render NHSnet irrelevant, unless its sole role is to prevent you sending encrypted email or secret documents outside NHSnet. 

More information about the ukcrypto mailing list