Re: New proposed solution to the QC biometric issue

["Anders Rundgren" <anders.rundgren@xxxxxxxxxx>]

<snip>
>> Proposed text:
>>
>> " In some cases the subject name that is contained in a public key
>> certificate may not be meaningful enough. This may happen because of the
>> existence of synonyms or because of the use of pseudonyms. A distinction
>> could be made if more attributes were present. However, adding more
>> attributes to a public key certificate placed in a public repository
>> would be going against privacy protection. 

I do not agree on your conclusion.  Whatever attributes you put in a certificate
they should not be in a PUBLIC repository.   A so trivial item like "dateOfBirth" is
a thing that many people object to having published. 

<snip>

>>There are two kinds of biometric
>> attributes that can be used : a picture or a manual signature from the
>> certificate owner.


Fingerprints are coming strong.

http://www.veridicom.com/

Note: There are at least 25 other companies doing similar stuff although I
was impressed by Veridicom's system as the manage to make their
templates a mere 300 bytes.  Formulas rather than pattern it seems.

Fingerprints have one big advantage over the other two items:

They CAN actually be used to automatically verify a persons authenticity at
an entrance in a reasonable controlled area.  That you can cut of a person's
finger is true but there is always some end to what is possible in terms
of security.  The fingerprint solution is very LOW-COST and complements
a smart-card PIN-code very well.

<snip>

Regards
Anders
http://www.mobilephones-tng.com