Tony,
Slight comment on a thing of importance that you mention:
<snip>
>Someone mentioned that the hash is sufficient, since the actual
>data could just "tag along" with the cert, if required. But there
>needs to be a standard even for this kind of operation. Is there?
This was the original QC solution. As you noted (and I have told the
authors several times) this is a half-made solution. A genuine example
of poor engineering!
PKIX creates infrastructure standards. Specifying a means of binding
biometric data to a cert is within scope. Specifying a means of
carrying this data in a wide range of application environments is out
of scope. For example, we don't tell IPsec, SSL/TLS, or S/MIME how
to transport certificates or CRLs in those applications; we just
define the certificate and CRL formats. The same principle applies
here. Having defined a means of binding biometric data to a cert,
while not putting it in the cert and thus mitigating privacy
problems, we have done the part of the job that is appropriate for
this WG.