"Major Variola (ret)" <mv@cdc.gov> writes:
PS: what happens if your passport's chip doesn't work? Do you get sent back and the airline fined $10K? Do you wait extra time while the still-readable passport number indexes your record online? How much extra time? (Anyone have experience with domestic eg traffic pigs discovering that your magstrip is corrupted?)
Are all chip biometrics encrypted with the same key? How much does that cost on BlackNet these days? How much extra should our Seals Flaps and Documents dept charge?
Details are available from sources like http://www.icao.int/mrtd/download/documents/Biometrics%20deployment%20of%20M... and http://www.icao.int/mrtd/download/documents/PKI%20Digital%20Signatures.PDF (in general the docs are at http://www.icao.int/mrtd/download/documents/, where MRTD = machine-readable travel documents) although you have to be careful what you reference since they're still frantically updating the designs as they go, so any document will be out of date in a few months. It's also being (as far as I can tell) designed by people with little or no security experience, under intense pressure from the US to Do Something About Security. Early technical drafts I saw (not the generic whitepapers on the site, which are pretty vague) were an appalling pile of kludgery. From what I've heard since then it hasn't gotten any better. I dunno whether this is because the work is being contracted out to the Usual Suspects, who don't know much about the area, or whether they did try and get experienced people in and were told that what they were trying to do wouldn't work and/or couldn't be done in less than 5-10 years. Peter.