Dear Rt. Hon. Sir Brian Mawhinney,
Thank you for your letter of 14th April, and particularly the enclosure from (I presume) Hansard, which I found to be interesting reading. I look forward to seeing the Home Secretary’s reply.
To pick up on one point in the debate, it is certainly the case that the industry is changing fast, and, as I work at the hot end, I can assure you that the speed of change in the industry is increasing. If one of the American government’s arguments in their suite against Microsoft is correct, that Microsoft have slowed change down, then the implication of their victory is that at some point the speed of change is going to seriously increase—although I am aware that this case is unlikely to be resolved for years, by which time Microsoft will probably have been passed by another company or technology anyway, as they passed IBM. I do worry whether parliament will be able to keep up with practises in the field, although obviously you will be aware of these problems much more than me.
The two obvious things which I believe will cause the next technical revolutions in the net are the introduction of “IPv6”, a low level protocol defining how internet components communicate, which will break the bottleneck which would otherwise interfere with the introduction of internet aware components in day–to–day devices, and mass introduction of Internet–enabled WAP mobile telephones. This implies what in a few years time the Internet will be totally different, again, with the pervasive use of WAP phones, the rapid spread of Internet aware facilities in all kinds of normal day–to–day devices such as cars, kettles, central heating—anything which needs to be controlled in some way—so network traffic will have increased dramatically, and secure monitoring is going to be even more of a severe problem.
This leads to another problem with RIP. Central locking for cars is encoded, and the coding constantly changes—but the car driver neither knows nor cares what this code is. The equivalent technology is likely to soon be found on the net, in that household devices will become available, which can be controlled from the Internet—and particularly from Internet aware WAP mobile telephones—whose communication protocols will need to be secure, probably through encryption. The normal user won’t care about the encryption, so long as everything is secure and no one else can reset, for example, their household central locking, central heating, turn on the kettle, etc.. It is perfectly possible to have a security methodology with constantly changing keys—Schnieder published an algorithm in his classic book on encryption. This implies houses with dozens of constantly changing keys, all changing by algorithm and never under direct human control—the installation of the component’s “device drivers” on the phone will set everything up. The user will never know nor want to know what the encryption keys used are, they’ll just want to know that their house is secure. The basic technology for all of this is already in trials in Finland (I don’t know about the software security used there), so the legal framework for this technology in the UK is the current RIP bill. Is the government seriously going to lock people up for two years because their household central heating is designed to prevent anyone but the owner from resetting it using their mobile? About the only kind of person whom I can think of who is likely to know about and be interested in the actual keys used is the infamous nerd, so this bill might as well require the entire population to have spots, become socially inept and wear NHS glasses. I see the reasons for the worry—the software in the WAP phone could well have been written at the Nokia software site in the People’s Republic of China—God knows what else it might contain. Surely more intelligent intelligence (!) is required.
I must emphasize that my worries regarding RIP have nothing to do with my irritation with IR35. My worries about RIP are ultimately based on principle—people are innocent until proved guilty—whereas I simply find IR35 an annoyance.