We undertook a project to secure the distribution of medical information using Wax. This is a proprietary hypertext-based system used for information such as treatment protocols, drug formularies, and teaching material. An initial attempt, using digital signatures (in line with a recent European standard) and certificates conforming to X.509 has thrown up a number of interesting problems with current approaches to public key infrastructures. While the X.509 philosophy may be suitable for many electronic commerce applications, signatures on which we may have to rely for many years — such as those on books and contracts — appear to require a different approach.
Ross J. Anderson, Václav Matyás Jr.,