"But they will only be able to use the data for national security purposes and not to fight ordinary crime, the Home Office stressed."
In The Netherlands the police is already using ANPR for quite some time to catch criminals. Why doesn't the UK do this? What's wrong with fighting ordinary crime like that?
For example, it will help getting those stolen cars back rather quickly, and you may even want to have alarm bells ringing if numberplates are unrecognisable, as long as you have a police force big enough to chase them all;-)
Okay, a difference is that the Dutch are using this system on highways, and not in cities.
Key escrow does not apply when it comes to signing, it only applies to encryption.
You don't need a backup of signing keys, you just get new keys once the old keys are no longer available (check out the concepts behind digital signatures).
You can have as many signing keys as you have developers, e.g.:
- Code Signing 001 (for John)
- Code Signing 002 (for Aziz)
- Code Signing 003 (for Tsjang)
- etc.
If you are worried about theft and sabotage, like unauthorized people signing on your behalf, get decent key protection (a token around your neck at all time will do;-) or just revoke any key that is lost or stolen, but beware, in that case you would have to make sure that the underlying security software used by end users to validate the code signature supports revocation.
That's basically it.
Slashdot Mirror
"But they will only be able to use the data for national security purposes and not to fight ordinary crime, the Home Office stressed."
;-)
In The Netherlands the police is already using ANPR for quite some time to catch criminals. Why doesn't the UK do this? What's wrong with fighting ordinary crime like that?
For example, it will help getting those stolen cars back rather quickly, and you may even want to have alarm bells ringing if numberplates are unrecognisable, as long as you have a police force big enough to chase them all
Okay, a difference is that the Dutch are using this system on highways, and not in cities.
The media can get the public to care about basically anything.
Stop judging so fast !
Key escrow does not apply when it comes to signing, it only applies to encryption. You don't need a backup of signing keys, you just get new keys once the old keys are no longer available (check out the concepts behind digital signatures). You can have as many signing keys as you have developers, e.g.: - Code Signing 001 (for John) - Code Signing 002 (for Aziz) - Code Signing 003 (for Tsjang) - etc. If you are worried about theft and sabotage, like unauthorized people signing on your behalf, get decent key protection (a token around your neck at all time will do ;-) or just revoke any key that is lost or stolen, but beware, in that case you would have to make sure that the underlying security software used by end users to validate the code signature supports revocation.
That's basically it.