RE: Manually Signed Digest as an XML signature type from Philip Hallam-Baker on 2000-06-12 (w3c-ietf-xmldsig@w3.org from April to June 2000)

From: Philip Hallam-Baker <pbaker@verisign.com>
Date: Mon, 12 Jun 2000 08:24:25 -0700
To: "'EKR'" <ekr@rtfm.com>, tgindin@us.ibm.com
Cc: Philip Hallam-Baker <pbaker@verisign.com>, Barb Fox <bfox@Exchange.Microsoft.com>, "Joseph M. Reagle Jr." <reagle@w3.org>, w3c-ietf-xmldsig@w3.org
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F408EB47@vhqpostal.verisign.com>

>Such signatures are accepted, but not on the basis of there being
>a strong binding. Otherwise, making your mark in the form of
>an X wouldn't be allowed.

>-Ekr

This is key. I don't distinguish between biometrics and 'voluntary'
signals such as Voice prints etc. because as I see it people are looking
at the biometric quality for the security.

I agree that there is much use of insecure authentication proceedures in
paper transactions. These insecurities are in gerneral acceptable
because there are other controls that mitigate risks (relationships,
physical presence etc.) and until now there has been no better way.

I utterly reject the notion that e-commerce should start from the
position that current levels of fraud and theft are acceptable. That
type of thinking leads to systems like the AMPS cellular billing scheme,
a system so insecure that the UK police and courts refuse to spend
taxpayer monies deterring clonning fraud that the operators could easily
have prevented.


So far the way of integrating biometrics and public key cryptography
that works best is to use a biometric to gate access to the private key.
This particular scheme is ecceptionally strong and does not require any
special support in XML DigSig.

		Phill

Received on Monday, 12 June 2000 11:25:59 UTC