OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

xcbf message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [xcbf] [Fwd:I-DACTION:draft-nagpal-biometric-digital-signature-00.txt]

This is quite interesting!  He admits it is not possible yet!  But if
biometric data gets used to automatically generate your private key,
then quite clearly use of such data in protocol exchanges to recover
certificates from a database absolutely requires the data to be
encrypted, and probably in fact prevents such use.

So we have two very much opposed architectural approaches to the use of
biometric data.

But I think this one is still fraught with difficulties and nowhere near
reality yet. It assumes that biometric sampling is sufficiently
consistent that repeated samples will generate the same large integer
value, to within a precision of plus or minus one.  That is pretty close
to cloud cuckoo land, I think.

We should not waste time on this.

John L

Phil Griffin wrote:
> FYI.
> Phil
> -------- Original Message --------
> Subject: I-D ACTION:draft-nagpal-biometric-digital-signature-00.txt
> Date: Tue, 14 May 2002 08:00:55 -0400
> From: Internet-Drafts@ietf.org
> Reply-To: Internet-Drafts@ietf.org
> To: IETF-Announce: ;
> --NextPart
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
>         Title           : Biometric based Digital Signature scheme
>         Author(s)       : R. Nagpal, S. Nagpal
>         Filename        : draft-nagpal-biometric-digital-signature-00.txt
>         Pages           : 6
>         Date            : 13-May-02
> Digital Signatures are fast emerging as a viable information security
> solution, satiating the objectives of data integrity, entity
> authentication, privacy, non-repudiation and certification.
> The technique, as it stands today, faces the problem of the
> maintenance of the secrecy of the private key. This document provides
> a conceptual framework for the establishment of a biometric-based key
> generation scheme. In this scheme, the private key is generated each
> time a document or record requires to be signed. Such generation is
> based upon a combination of biometric traits.
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-nagpal-biometric-digital-signature-00.txt
> To remove yourself from the IETF Announcement list, send a message to
> ietf-announce-request with the word unsubscribe in the body of the
> message.
> Internet-Drafts are also available by anonymous FTP. Login with the
> username
> "anonymous" and a password of your e-mail address. After logging in,
> type "cd internet-drafts" and then
>         "get draft-nagpal-biometric-digital-signature-00.txt".
> A list of Internet-Drafts directories can be found in
> http://www.ietf.org/shadow.html
> or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
> Internet-Drafts can also be obtained by e-mail.
> Send a message to:
>         mailserv@ietf.org.
> In the body type:
>         "FILE
> /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt".
> NOTE:   The mail server at ietf.org can return the document in
>         MIME-encoded form by using the "mpack" utility.  To use this
>         feature, insert the command "ENCODING mime" before the "FILE"
>         command.  To decode the response(s), you will need "munpack" or
>         a MIME-compliant mail reader.  Different MIME-compliant mail readers
>         exhibit different behavior, especially when dealing with
>         "multipart" MIME messages (i.e. documents which have been split
>         up into multiple messages), so check your local documentation on
>         how to manipulate these messages.
> Below is the data which will enable a MIME compliant mail reader
> implementation to automatically retrieve the ASCII version of the
> Internet-Draft.
> --NextPart
> Content-Type: Multipart/Alternative; Boundary="OtherAccess"
> --OtherAccess
> Content-Type: Message/External-body;
>         access-type="mail-server";
>         server="mailserv@ietf.org"
> Content-Type: text/plain
> Content-ID:     <20020513142028.I-D@ietf.org>
> FILE /internet-drafts/draft-nagpal-biometric-digital-signature-00.txt
> --OtherAccess
> Content-Type: Message/External-body;
>         name="draft-nagpal-biometric-digital-signature-00.txt";
>         site="ftp.ietf.org";
>         access-type="anon-ftp";
>         directory="internet-drafts"
> Content-Type: text/plain
> Content-ID:     <20020513142028.I-D@ietf.org>
> --OtherAccess--
> --NextPart--
> ----------------------------------------------------------------
> To subscribe or unsubscribe from this elist use the subscription
> manager: <http://lists.oasis-open.org/ob/adm.pl>

   Prof John Larmouth
   Larmouth T&PDS Ltd
   (Training and Protocol Development Services)
   1 Blueberry Road                     
   Bowdon                               j.larmouth@salford.ac.uk
   Cheshire WA14 3LS                    Tel: +44 161 928 1605
   England				Fax: +44 161 928 8069

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC