Dear Sir/Madam,

I have read with interest the latest DTI proposals for the licensing 
of Trusted Third Parties.

I am sorry to say that I do not believe the proposals to be practical. 
Furthermore they also appear to infringe what I consider to be a basic 
civil liberty - the right of every citizen to legally take whatever measures 
they feel are appropriate to protect their own privacy, and that of others.

The reason that the proposals are impractical is that no system which 
mandates that private keys be disclosed to third parties will ever gain 
acceptance - no-one will use such a system, least of all a criminal. I would 
never consider disclosing my personal private keys to any third party - would 
you?

The proposals, if enacted, would also create an entirely new form of criminal 
act. This would allow the prosecution of any individual who certified the 
authenticity of anothers public key. From a civil liberties point of view, I 
find this entirely unacceptable.  [ I refer to section 72 of the Public 
Consultation Paper ]

>From a law-enforcement point of view I believe that the proposals would be  
likely to have a negative effect - people will start encrypting normal 
correspondence purely to assert their right to privacy. This means that the use 
of encryption by criminals and terrorists will be less obvious, and less likely 
to arouse suspicion. 

A much better course would be to assert citizens right to privacy, and then 
encourage public spirited people to refrain from exercising it unnecessarily, 
on a voluntary basis.

On a more positive note, many of the proposals would make good sense if the 
requirements for private key escrow were removed.

Your sincerely,
George Barwood

Gloucester, UK, 22nd March 1997