Fortress America mans the ramparts
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Apr 17 14:42:36 PDT 2004
"Major Variola (ret)" <mv at cdc.gov> writes:
>PS: what happens if your passport's chip doesn't work? Do you get sent back
>and the airline fined $10K? Do you wait extra time while the still-readable
>passport number indexes your record online? How much extra time? (Anyone
>have experience with domestic eg traffic pigs discovering that your magstrip
>is corrupted?)
>
>Are all chip biometrics encrypted with the same key? How much does that cost
>on BlackNet these days? How much extra should our Seals Flaps and
>Documents dept charge?
Details are available from sources like
http://www.icao.int/mrtd/download/documents/Biometrics%20deployment%20of%20Machine%20Readable%20Travel%20Documents.pdf
and
http://www.icao.int/mrtd/download/documents/PKI%20Digital%20Signatures.PDF
(in general the docs are at http://www.icao.int/mrtd/download/documents/,
where MRTD = machine-readable travel documents) although you have to be
careful what you reference since they're still frantically updating the
designs as they go, so any document will be out of date in a few months. It's
also being (as far as I can tell) designed by people with little or no
security experience, under intense pressure from the US to Do Something About
Security. Early technical drafts I saw (not the generic whitepapers on the
site, which are pretty vague) were an appalling pile of kludgery. From what
I've heard since then it hasn't gotten any better. I dunno whether this is
because the work is being contracted out to the Usual Suspects, who don't know
much about the area, or whether they did try and get experienced people in and
were told that what they were trying to do wouldn't work and/or couldn't be
done in less than 5-10 years.
Peter.
More information about the cypherpunks-legacy
mailing list