[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New proposed solution to the QC biometric issue

To: <ietf-pkix@xxxxxxx>
Subject: Re: New proposed solution to the QC biometric issue
From: Stephen Kent <kent@xxxxxxxxxxx>
Date: Fri, 16 Apr 1999 18:39:21 -0400
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

Folks,

We discussed the biometric issue at length and the current proposal to
include a hash of a biometric template, for some well-defined set of human
verifiable biometrics, is the compromise we have reached.

We are not putting a biometrioc template in the cert because it might be
very big and we generally discourage inclusion of very large data items in
certs.

We are not putting a URI in because, under different assumptions, the
matching templame might be stored somewhere for reference, or might be
passed as part of an application protocol.  If the template is not passed
with the cert, then the application protocol may chose to include a URI.
The only thing that does need to be in the cert, for secruity, is the hash
of the template, and the management data to know what hash algorithm was
employed, and what sort of template the hash refers to, e.g., facial image
or handwriting.

Steve

References:
- Re: New proposed solution to the QC biometric issue
  - From: Anders Rundgren

Prev by Date: RE: New CMC Draft available - Confirmation Message
Next by Date: Re: New proposed solution to the QC biometric issue
Previous by thread: Re: New proposed solution to the QC biometric issue
Next by thread: Re: New proposed solution to the QC biometric issue
Index(es):
- Date
- Thread