Re: QC's - for human eyes only?

[Tony Bartoletti <azb@xxxxxxxx>]

At 09:00 AM 12/05/1999 -0800, Eric Murray wrote:

>However putting a biometric in a certificate is like putting your Social
>Security Number and mother's maiden name in a certificate- it would
>allow anyone who receives the certificate to be able to use those
>irrevocable identifiers to impersonate you.  So biometric data should
>only be sent encrypted in a session key, if it's ever sent at all.

This is why "irrevocables" should never be relied upon as identifiers.

I intend to publish my own photographs, fingerprints, retinal scans and
DNA traces to public fora, precisely to diminish reliance upon them as
evidence of "me"!  I hope to start a global movement...

Seriously, my philosophic problem with biometrics is that, while the
"body" is somewhat of a constant, the "person" is not, especially with
respect to time and circumstance.  Yet (undo) reliance upon biometrics
tends to reinforce the notion of "once an X, always an X".  That is,
it will encourage the limitation of "trust" calculations to constants.

___tony___  

Tony Bartoletti                                             LL
IOWA Center                                              LL LL
Lawrence Livermore National Laboratory                LL LL LL
PO Box 808, L - 089                                   LL LL LL
Livermore, CA 94551-9900                              LL LL LLLLLLLL
phone: 925-422-3881   fax: 925-423-8081               LL LLLLLLLL
email: azb@llnl.gov                                   LLLLLLLL