[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No, was Re: QC biometrics needs re-engineering NOW!

To: Anders Rundgren <anders.rundgren@xxxxxxxxxx>
Subject: No, was Re: QC biometrics needs re-engineering NOW!
From: Ed Gerck <egerck@xxxxxxx>
Date: Tue, 07 Dec 1999 14:29:08 -0800
Cc: Stefan Santesson <stefan@xxxxxxxxxxx>, Ilan Shacham <ilans@xxxxxxx>, Tony Bartoletti <azb@xxxxxxxx>, ietf-pkix@xxxxxxx, stephen.farrell@xxxxxxxxxxxx
References: <>

Anders Rundgren wrote:

> Stephen,
> ...
> >as you should be able to see from
> >the archive (but its so long ago I forget, maybe it was
> >a private posting). I think Steve K. addressed the issue
> >when he said that handing over a URL says nothing about
> >who can gets a 404 vs. a 200 when they ask for the content.
>
> That is REALLY silly!

No, it is not. It means that the biometric data can be denied to
you, even though it is available.  You may need a client certificate
to get it, or a password, or be in an IP range  You don't get it just
because it is in the certificate.

BTW, I may suggest that including identifying biometric data in
certificates is unconstitutional in the entire EC, where countries
have harmonized their constitutions to directly *forbid* any
initiative which may allow the creation of a unique indentifier,
a national ID.  Please verify in the current Swedish Carta Magna,
or German, etc.

Cheers,

Ed Gerck

References:
- QC biometrics needs re-engineering NOW!
  - From: Anders Rundgren

Prev by Date: RE: Accessing/selecting biometrics was: Stray Poll: Finger-prints in QCs
Next by Date: Q: Are repeated OIDs allowed in the AIA extension?
Previous by thread: QC biometrics needs re-engineering NOW!
Next by thread: Re: QC biometrics needs re-engineering NOW!
Index(es):
- Date
- Thread