[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New proposed solution to the QC biometric issue
Petra,
My comments are along the lines.
> Denis Pinkas wrote:
> >
> > >From these examples, it can be seen that a URI is not mandatory, but the
> > name of the corresponding file would be usefull as well as the type of
> > biometric information. As far as the typeOfBiometricData is concerned I
> > would prefer an integer instead of an OID: it is shorter (when
> > certificates are stored in smart cards) and we could expand the list of
> > integers as needed. At the time being, two integers seem sufficient
> > (picture or manual signature).
> >
>
> Denis,
>
> why would you like to include the name of the corresponding file in
> the certificate as well?
> I originally thought to have the name of the file to point to the right
> attached file and the extension of the file to select the right viewer.
The name of the file is not needed if there is some "other ways" to
differentiate (in the case when there are multiple attachments) between an
attached picture, a manual signature and, maybe, a fingerprint (that was not in
my original list).
I am however still wondering if there might be some interrest to have
nevertheless the extension of the file, for exemple: GIF, TIF, BMP, MPG, MP3,
etc ... to know, only when looking at the certificate, what kind of viewer will
be necessary. I do not feel strong on this issue, I am trying to find the pros
and cons before taking a decision. Other thoughts ?
Regards,
Denis
> Without this name I'd suggest the following structure considering the
> comments of Stephen and you:
>
> BiometricData ::= SEQUENCE {
> URIorOID URIorOIDsyntax,
> hashalgorithm AlgorithmIdentifier,
> biometricDataHash OCTET STRING }
>
> URIorOIDsyntax ::== CHOICE {
> uri [0] IA5String
> typeOfBiometricData [1] INTEGER }
>
> with the following types of biometric data defined so far:
> 0 picture
> 1 manual signature
>
> Best regards - Petra