Make and explore Freedom of Information requestsFollow this request
There are 3 people following this request
Act on what you've learnt
Similar requests
The public key to the Government Public Key Infrastructure
To Home Office by Nicholas Bohm 11 August 2009
Legal Team Structure
To Foreign and Commonwealth Office by Sarah Fuller 28 June 2010
Fort Santo Domingo, Tamsui, Formosa (Taiwan): decommissioning as British consulate
To Foreign and Commonwealth Office by Kaihsu Tai 22 July 2008
Cost and additional information about evacuation from Tunisia
To Foreign and Commonwealth Office by Ian Nicoll 26 February 2011
Communications concerning Indonesia's then president Suharto (Soeharto) to London, March/April 1998
To Foreign and Commonwealth Office by Jeremy Wagstaff 19 December 2008
British Passport holders in Zimbabwe
To Foreign and Commonwealth Office by stephen nash 9 December 2008
Record of Mrs Thatcher's lunch with Sultan Qaboos at Mamurah in April 1981
To Foreign and Commonwealth Office by Ivor Lucas 2 January 2009
Nicholas Van Hoogstraten
To Foreign and Commonwealth Office by stephen nash 8 December 2008
Libyan evacuation
To Foreign and Commonwealth Office by Steve Elibank 28 February 2011
Institute on Religion and Public Policy
To Foreign and Commonwealth Office by William Thackeray 22 December 2011
The public key to the Government Public Key Infrastructure
Nicholas Bohm made this Freedom of Information request to Foreign and Commonwealth Office
The request was successful.
From: Nicholas Bohm
12 August 2009
Dear Sir or Madam,
I understand that the Communications Electronic Security Group
(CESG), operates a Public Key Infrastructure to enable electronic
signatures made by participating public sector bodies to be checked
for authenticity.
I understand from the Home Office that yours is the responsible
department for CESG, which is part of GCHQ.
Please provide a copy of the public key.
Yours faithfully,
Nicholas Bohm
Foreign and Commonwealth Office
13 August 2009
Dear Nicholas
Thank you for your Freedom of Information request. It has been passed to the relevant section within the Foreign and Commonwealth Office to deal with. They will be in touch with you should your request need clarification.
We received your request on 13 August 2009 and will aim to respond within 20 working days.
Yours sincerely
Bruce
Information Rights
Information Management Group | Information & Technology Directorate | Foreign & Commonwealth Office
email: [FCO request email]
... visit our blogs at http://blogs.fco.gov.uk
show quoted sections
Foreign and Commonwealth Office
8 September 2009
Dear Sir,
Please find enclosed our response to your FOI request.
Yours sincerely,
The Information Rights Team
Information Management Group
The Foreign and Commonwealth Office
***********************************************************************************
Visit [1]http://www.fco.gov.uk for British foreign policy news and travel
advice and [2]http://blogs.fco.gov.uk to read our blogs.
Please note that all messages sent and received by members of the Foreign
& Commonwealth Office and its missions overseas may be automatically
logged, monitored and/or recorded in accordance with the
Telecommunications (Lawful Business Practice) (Interception of
Communications) Regulations 2000. We keep and use information in line with
the Data Protection Act 1998. We may release this personal information to
other UK government departments and public authorities.
***********************************************************************************
References
Visible links
1. http://www.fco.gov.uk/
2. http://blogs.fco.gov.uk/
Kaihsu Tai left an annotation (12 September 2009)
I have sent a request to the Communications Electronics Security Group (CESG) by private email. However, even if you see a public key posted on this site, how could you be sure it actually came from CESG? Any number of intermediaries could have made it up or tampered with it on the way.
I would probably only trust it with some further ‘signing’ evidence like Her Majesty reading out the fingerprint of the key (which also happens to be artfully-embroidered on the magnificent dress) in Westminster Palace during a Speech from the Throne, and/or Cabinet members each holding up a card with a couple of digits of the key-fingerprint during Prime Minister’s Questions and shouting them out over the Leader of the Opposition’s interrogations, broadcast on BBC Parliament: The occasion has to be difficult enough to fake. And a new public key probably needs to be generated every time the Government has a dramatic change of political hue.
Anybody wants to send a request to the Foreign and Commonwealth Office for information to clarify this? Thanks to Nicholas Bohm for coming up with this fascinating request.
Nicholas Bohm left an annotation (12 September 2009)
As suggested by the Foreign & Commonwealth Office, I enquired of CESG, who directed me to the website at http://web.archive.org/web/2007031605560...
This appears to provide the information I sought, although I do not think there is any way of checking its authenticity. (Some comfort could be provided, for example, by recurrent publication of the key fingerprints in the London Gazette; but I am unaware of any such process having been implemented.)
The fact that the original site is not reachable must raise some doubt whether the hierarchical PKI structure which seems to have been contemplated originally is in fact operational. The certificate for the root public key attempts to impose licensing terms on those who rely on it, but as it does so by reference to terms which cannot be found at the URL given for them in the certificate, the efficacy of the attempt must be very doubtful.
All this suggests that if the Government believes in PKI, it's not PKI as we know it.
Things to do with this request
- Add an annotation (to help the requester or others)
- Download a zip file of all correspondence
Alex Skene left an annotation ( 8 September 2009)
CESG is separately listed on WDTK, using the same email address as above:
http://www.whatdotheyknow.com/body/cesg
Link to this