Sirs, With regard to the proposals for licencing of TTPs, I am concerned that the public consultation paper, seems to confuse Trusted Third Parties with Certifying Agencies. They are two separate entities and do not need to be combined. Certifying Agencies (CAs) are authorities who check identity and confirm it to be accurate. They then issue a signature or certificate to confirm that the relevant checks have been made. There is a definite need for such. There should be laid down standards for how such firms operate. It is rather like a solicitor who certifies that he knows an individual, and has examined his or her driving licence/birth certificate, and signs the back of a passport photograph and a declaration to the same effect. The checks need to be organised in such a manner that certification is a low cost affair. Trusted Third Parties (TTPs) are a totally different matter. A TTP is a body who holds the encryption key (which depending on the crypto-system, may also be the digital signature) of an individual. The idea that such should be done and the key made available to Government or anyone else without the knowledge of the key owner is totally abhorrent in any free society. That this is to be done in the name of law enforcement is, to say the least, laughable. Do you really expect all potential lawbreakers to deposit their keys with the TTP? Perhaps there should be a register for all potential criminals, to which they should register first before law-breaking! Both suggestions have about the same chance of being enforcable. All your proposals will do is to provide facilities for snooping on law-abiding citizens. 1984 has passed, but it appears that we are drawing nearer to the idea of Orwell's 'Thought Police'. I lock my house when I leave it, but I certainly do not deposit the keys with any designated authority, which has powers to release them without my knowledge. Would you? The idea of depositing such information where it can be accessed by a corrupt employee is questionable. It is already common knowledge that confidential information held by banks and credit card companies on an individual can be purchased on the black market. There have been many cases exposed in the media over the last few years. Your proposals will create a similar illegal market in encryption keys. You will no doubt receive further comments from businesses expressing their grave concerns, which are different to that of a private individual. I certainly will not deposit my secret cryptographic key with a designated TTP, voluntary or mandatory. Should you therefore consider that the next step may be a register of potential criminals, you had better register my name there. Law-abiding up until now. Yours faithfully, Noel Bell