We have received from an anonymous source a document titled: "Securing Electronic Mail Within HMG, Part I, Infrastructure and Protocol." 21 March 1996.
From the Introduction:
"This document is the first part of CESG's recommendations for securing electronic mail within HMG. The main objective of the recommendations is to facilitate pan-government secure inter- operability of electronic mail, by simplifying the implementation of secure electronic mail within government, ensuring secure electronic mail between departments is possible, attempting to facilitate future inter-operability with commercial users, maximising the use of commercial technology in a controlled manner, whilst allowing access to keys for data recovery or law enforcement purposes if required." Other sections describe: 2. Authentication Framework 3. Confidentiality Framework 4. Security Protocol The document refers to the Royal Holloway program for TTP critiqued by Ross Anderson and others as "EuroClipper." Perhaps those with more knowledge could make an assessment. The document consists of 13 pages of text and diagrams, with a few gaps. ----- http://jya.com/sem.htm (35 kb with 7 jpg images)