Another problem under the general heading of trade and industry issues is the proposals' assumption that TTPs can provide an infrastructure common to many different types of electronic commerce. Smartcard manufacturers have attempted for over a decade to sell their products as the means whereby the dozens of different cards that we carry in our wallets. These attempts to create and market a shared infrastructure have all failed and for reasons that have little to do with whether the underlying technology is a smartcard or a certification infrastructure.
I have personal experience of attempts to enable a smartcard electronic wallet that I had helped design to be used to recharge prepayment electricity meters. The project was perfectly feasible technically; it foundered on questions such as whether the bank or the electricity company would control the mailing list, who would be responsible for dealing with complaints, how conflicting development plans could be arbitrated, and so on. Similarly, a 1992 plan to unify all the admission cards to the hundred or so academic libraries in Cambridge and unify them with photocopying cards and college canteen tickets failed to get off the ground because too many fiercely independent faculties, departments and colleges would have to be marshalled to convert to compatible systems.
I related these experiences at a discussion session of Cardis 94 and Philippe Maes, the technical director of Gemplus, confirmed that they are a common problem with attempts to sell multiplatform smartcards; he admitted that most such plans never get beyond arguing which company would get its logo on the front of the card.
I therefore fully expect that in thirty years' time I will have at least as many keys (in the broad sense of the word) as I have at present. Perhaps half of them will be cryptographic keys or access tokens whose verification mechanisms employ cryptography in some form. At present I have two of each: my SIM card key and my PGP key are proper crypto keys, while my ATM PIN and University system logon are tokens verified by cryptographic mechanisms. Note that none of these are compatible, and even when I have ten or twenty such keys and tokens, I do not expect them to be any more compatible. For obvious security reasons this would be undesirable -- banks are so bad at managing cryptography, as I will discuss below, that I would certainly not want any of my bankers to be able to use my logon or bill phone calls to my account.
For these reasons, I do not accept it as even remotely plausible that a government-sponsored attempt to centralise trust management in TTPs will save costs and help business. It will do exactly the reverse. By forcing organisations to centralise trust where there is no business case for it, and use software available from only a small number of GCHQ-approved suppliers rather than international standard software, the proposals will burden British industry with significant and unnecessary costs. They will also burden other organisations such as universities and medical practices, of whose requirements the DTI appears to have taken no cognisance whatsoever.