User attributes and audio IDs (was: Trouble signing)

Richard Laager rlaager@wiktel.com
Sat May 17 04:06:04 2003 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Shaw wrote:
> On Sat, May 17, 2003 at 12:05:42AM +0200, Manuel Samper wrote:
> > David Shaw, on Fri, May 16 2003 at 20:24, wrote:
> 
> > > I've been making a list of potentially useful attributes 
> (images other
> > > than JPEG, audio clips ("Hello! My name is XXXX and my 
> fingerprint is
> > 
> > Cool! But appart from this, I cannot see much more utility 
> right now...

Well, this could be useful for voice verification of fingerprints. One
could then match the user on the phone to the key or something like that.
;-) I don't know how much it would be worth though.

> Yes.  It doesn't lower security (it's just a different sort of ID),
> but I can't think of any really good uses for it except the coolness
> factor.  Then again, it could be argued that photo ID is just a cool
> trick also.  Since you can't actually select a key via a photo ID, it
> isn't really a good user ID.

There's no reason you couldn't select a key by a photo id in a GUI
environment. Simply show a bunch of photos and let the user choose.

Personally, I'd really like to see a keyserver interface that shows things
like this. I think that would be a great application of photo IDs.

=========== 
|         |  pub  1024D/5E1F1BCE 2000-12-01 Richard James Laager (...)
| <...> 
|         |       Key fingerprint = 03D4 AED7 0990 0162 EDF5  5183 6DF5
| 5E1F 1BCE 
|         |  uid                            Richard James Laager (...)
| <...> 
|  PHOTO  |  uid                            Richard James Laager (...)
| <...>  
|         |  uid                            Laager, Richard James <...>
|         |  uid                            LAAG0007 <...>
|         |
===========

BTW David, did you happen to have any thoughts on the handling of photo IDs
with revoked self-signatures, etc. as I talked about in a message a few
days ago? The same issues would likely apply to the other types of
non-traditional uids.

Richard Laager

-----BEGIN PGP SIGNATURE-----
Version: 6.5.8ckt http://www.ipgpp.com/

iQA/AwUBPsWHGW31OrleHxvOEQIoaACcCLABEosUOkc6Lyb4NE+K74niDXcAniuX
H93B3e6v896Qs0GjnPipV/6z
=7qdP
-----END PGP SIGNATURE-----