[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: [pki-tc] e-Gov: Distributing confidential information
Here are some thoughts regarding how e-governments (and companies) could efficiently distribute confidential information to citizens (or employees). Note: The following discussion only applies to information from an (non-personal) authority to an individual. Claim ------- In spite of being the foundation for many PKI-based ID-programs, I doubt that S/MIME will play any major role in e-government systems as these typically are built as on-line (web-based) services. The problem -------------- Now, in case a government authority is to send you confidential information, I believe they should not use encrypted mail as this will most likely lead to huge support problems with key- distribution, key-expiration etc. A simple remedy --------------------- e-Governments could preferably e-mail the recipient a web-link (or just a notification) that he or she uses to fetch the confidential information with. That is, after the recipient have authenticated to the on-line authority. This scheme is also aligned with an "account-based" authority where you may have tasks in various stages. The "web-way" allowed on-line banks to address the ordinary consumer and is proven to work on a major scale, while signed and encrypted mail is after more than ten years, still very sparsely used. My 2 cents. Anders Rundgren Consultant, PKI and secure e-business +46 70 - 627 74 37
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC