[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

QC biometrics needs re-engineering NOW!

To: "Stefan Santesson" <stefan@xxxxxxxxxxx>, "Ilan Shacham" <ilans@xxxxxxx>, "Tony Bartoletti" <azb@xxxxxxxx>, <ietf-pkix@xxxxxxx>, <stephen.farrell@xxxxxxxxxxxx>
Subject: QC biometrics needs re-engineering NOW!
From: "Anders Rundgren" <anders.rundgren@xxxxxxxxxx>
Date: Tue, 7 Dec 1999 22:48:07 -0000

Stephen,

>I suggested that it was silly to present a digest
>without being able to point at something that allows you 
>to verify the digest

It sure is silly!  Interoperability=ZERO

>as you should be able to see from 
>the archive (but its so long ago I forget, maybe it was
>a private posting). I think Steve K. addressed the issue
>when he said that handing over a URL says nothing about
>who can gets a 404 vs. a 200 when they ask for the content.

That is REALLY silly!  The RP is authenticating to the CA-server.......
I.e. all RPs must be "known" in advance by the CA?  Should I laugh  :-) :-) :-) . Or should I cry? :-( :-(

Compare that to the simple, interoperable, universal trick invented by Netscape(?)
some 3-4 years ago called user certificate selection.  Like getting a list like:

    - Standard QC
    - Photo ID
    - e-mail cert
    - SSN cert

Anders

Follow-Ups:
- No, was Re: QC biometrics needs re-engineering NOW!
  - From: Ed Gerck

Prev by Date: Re: Back to nothing: URI solution works?
Next by Date: Re: Consensus Text for key usage?
Previous by thread: Back to nothing: URI solution works?
Next by thread: No, was Re: QC biometrics needs re-engineering NOW!
Index(es):
- Date
- Thread