[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libreplanet-discuss] New GNU

From: Niels Serup
Subject: Re: [libreplanet-discuss] New GNU
Date: Tue, 8 May 2012 18:42:16 +0200

On Tue, 08 May 2012 12:05:02 -0400
"Richard-qbiciii" <> wrote:

> I think with the current technologies ( hardware, software, data
> encryption) a system could be bolted together fairly rapidly that
> could be used to create a digital unique 'personal' certificate. To
> ensure uniqueness ( no person could ever hold more than one), some
> bits of biometric information has to be offered at the creation of
> the certificate 'object'. I know that now I am raising an array of
> red flags, big brother....etc, but hear me out. None of this
> information is ever stored, but is used in the encryption process to
> develop the 'masterkey' that allows the holder access to all the
> objects attributes (name, address....). No one but the originator has
> the private key, and in fact, no other attributes need be added if
> the holder does not wish to. The only thing that is important is that
> the certificate is unique and that it represents a valid living
> person. THAT IS ALL. The only information held on any server would be
> the encrypted 'outcome' of the biometric input. No voice tape, or
> fingerprint scan, or retinal scan would ever be stored.... only the
> outcome of the algorithm that encrypted that piece of data. The only
> reason to even store that is to ensure that another certificate could
> never be created for the same person.... or a mix of people. I
> envision that at least three bits of information would be needed to
> ensure uniqueness, and all could be done in the privacy of one's
> house with the current phone technologies. A voice sample, a
> fingerprint scan and maybe a ear or eye scan ( using the phone
> camera). The programs on the server would process each piece through
> 'standard' algorithms and look for an existing match. If no match is
> found for all submitted information, the applicant is issues a
> certificate, a master key, a public key, and a empty 'certificate'
> object is created.

Three bits? 2^3 = 8, so 8 unique persons? I'm sure you meant something
else, but I don't understand what you mean with "three bits".

How would you ensure that a person did not first use a picture of their
right ear and then a picture of their left ear, to identify themselves
as two persons? Or use a retina scan and say they're three persons?

I think it is better to just use PGP and have people in real life
recognize that a certain PGP key *is* "equal" to one real person. (Like
all those key-signing parties.)

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]