Thanks to Professor Denning's pointer to this URL for the UK's Trusted Third Parties regulatory intent. http://dtiinfo1.dti.gov.uk/cii/encrypt/ June 11, 1996 STATEMENT ON HMG POLICY CONCERNING USE OF ENCRYPTION ON PUBLIC NETWORKS PAPER ON REGULATORY INTENT CONCERNING USE OF ENCRYPTION ON PUBLIC NETWORKS 1. Summary The Government recognises the importance of the development of the Global Information Infrastructure (GII) with respect to the continuing competitiveness of UK companies. Its aim is to facilitate the development of electronic commerce by the introduction of measures which recognise the growing demand for encryption services to safeguard the integrity and confidentiality of electronic information transmitted on public telecommunications networks. 2. The policy, which has been decided upon after detailed discussion between Government Departments, involves the licensing and regulation of Trusted Third Parties (hereafter called TTPs) which will provide a range of information security services to their clients, whether they are corporate users or individual citizens. The provision of such information security services will be welcomed by IT users, and will considerably facilitate the establishment of, and industry's participation in, the GII, where trust in the security of communication has been acknowledged to be of paramount importance. The licensing policy will aim to preserve the ability of the intelligence and law enforcement agencies to fight serious crime and terrorism by establishing procedures for disclosure to them of encryption keys, under safeguards similar to those which already exist for warranted interception under the Interception of Communications Act. 3. The Government intends to bring forward proposals for legislation following consultation by the Department of Trade and Industry on detailed policy proposals. [Balance snipped] ---------- Professor Denning also has comments dated June 11 on the NRC cryptography report: http://www.cosc.georgetown.edu/~denning/crypto/NRC.txt