[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: QC's - for human eyes only?

To: "'ghilborn@xxxxxxx'" <ghilborn@xxxxxxx>, "ietf-pkix@xxxxxxx" <ietf-pkix@xxxxxxx>, "'Ilan Shacham'" <ilans@xxxxxxx>, "'SEIS-List'" <list@xxxxxxxxxxxxxxxxx>
Subject: RE: QC's - for human eyes only?
From: Anders Rundgren <anders.rundgren@xxxxxxxxxx>
Date: Tue, 7 Dec 1999 08:43:28 +0100
Cc: 'Patrik Fältström' <paf@xxxxxxxx>, "'Stefan Santesson'" <stefan@xxxxxxxxxxx>, "'Magnus Nystrom'" <magnus@xxxxxxxxxxxxxxx>

Ilan,

>It seems to me that most postings here with privacy concerns are
>actually against the whole concept of the QC and the linking of
>biometric data to individuals. Once QC's have been agreed upon it
>looks like both options - hash+URI and Biometrics on the QC, are
>conceptualy identical.

Your observation is unfortunately completely correct!

This IMO where you get by starting with ASN.1 instead of an old-fashioned 
"requirement specification".   A the requirement specification should be on
a level that can be (more or less) interpreted by parties that may not have a
degree in cryptography.  Why?  Unlike TLS and OCSP, QC is very close to
an "application" and when applications are designed, "users" should be
able to participate.  But that's too late now.   And many valuable months have
simply passed without any progress and soon the last call is over and things
are still in a partial shape.

Anders Rundgren
Senior Internet e-commerce Architect

Follow-Ups:
- RE: QC's - for human eyes only?
  - From: Stephen Kent

Prev by Date: RE: QC's - for human eyes only?
Next by Date: Re: QC's - for human eyes only?
Previous by thread: RE: QC's - for human eyes only?
Next by thread: RE: QC's - for human eyes only?
Index(es):
- Date
- Thread