Re: New proposed solution to the QC biometric issue

[Stephen Kent <kent@xxxxxxxxxxx>]

Petra,

>4. The rationale as it stands is wrong from my point of view: There are
>no "biometric comparing algorithms" involved which have to compare
>reference data with actually measured verification data taken from the
>person to be authenticated. An acceptable wording would be: "The
>rationale for supporting biometric data (i.e. a certificate holder
>portrait image) would be to support biometric data in a qualified
>certificate in the sense of a certified attribute of the certificate
>holding person."

I'm a bit confused by your statement. Biometric authentication is
generically done by registering a user and creating a template that
characterizes the biometric for that user.  later, when the user tries to
"login" a new biometric is captured and is compared, algorithmically, to
the template.  if a suitably high score is achieved, the user is
authenticated.  In the more restricted cases we are considering here, the
assumption is that the template is an image of a user's face or of his/her
handwritten signature, that will be viewed by a person acting as the
authenticator, matched against an in-person image of the user or signature.

Steve