This is a little off-topic, but it does apply to authentication... I have been abroad for the past few weeks. In the course of my travels, I was given some data about a new program that the US Dept. of State/Customs and Immigration people are moving into limited testing at JFK and LAX. They want to implement a "fast, positive identification system to speed processing of entrants to the United States by use of biometric data." The system works by use of a handprint scanner, and a smart card. Participants would go through an initial hand scan, and then be issued a smartcard. Upon subsequent entries to the US, instead of going through the normal passport check, you would place your hand on a scanner and insert your card in the slot. The system would then positively identify you, and clear you for entry. I have no details about the format/security of the card data, and the INS guy I spoke to made no statements about privacy, security or other uses of their ID database. If this takes off, the risks of it spreading to a national ID card, or to the 'healthcare card' are obvious. Linn H. Stanton <stanton@acm.org> The above opinions are exclusively my own. If anyone else wants them, they can buy them from me. Easy terms can be arranged. -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.2 mQBNAitK8+EAAAECALzK83DH79m7DLKBmZA2h9U33fBE80EwT4xRY05K7WRfxpO3 BmhPVBmes9h97odVZ0RxAFvinOl4wZGOb8pDclMABRG0IUxpbm4gSC4gU3RhbnRv biA8c3RhbnRvbkBhY20ub3JnPrQnTGlubiBILiBTdGFudG9uIDxsc3RhbnRvbkBz aGVhcnNvbi5jb20+ =oCru -----END PGP PUBLIC KEY BLOCK-----