[WG-IDAssurance] Looking for POCs to Discuss e-passports for Non-ICAO members

1 view

Skip to first unread message

Christina Lee

unread,

Aug 4, 2021, 3:44:08 PM8/4/21

to wg-idas...@kantarainitiative.org, Yang, Peter

Good afternoon,

My name is Chris Lee, and I am part of a project team currently supporting the IRS to help address their need to be able to support the international user community requiring access to IRS resources. Our team is looking to speak with someone about e-passports from different countries (that are not ICAO members) that can be used as part of an identity proofing process.

FOR ICAO members, as part of the identity proofing process, we can leverage an NFC capability to scan the picture page of an e-passport; read the data from chip; ORC the data that's at the bottom of page; and verify the digital signature on the chip to confirm its authenticity and integrity against an authoritative source like ICAO PKD master list.

However, for those countries that are not ICAO members, but still issue e-passports (per PRADO), our team would like to get an understanding around what the authoritative sources are for those countries, and whether they have Country Signing Certification Authority (CSCA) and Document Signer Certificates (DSC) that can be verified.

If anyone can point us in the right direction, we’d appreciate it.

Thanks,

__________________________________________

Chris Lee | Manager | Easy Dynamics Corp

cl...@easydynamics.com

mhae...@freeuk.com

unread,

Aug 5, 2021, 3:35:48 AM8/5/21

to Christina Lee, IA WG

There should be international master lists, since the whole ePassport system was designed to work without a single root. ICAO provides a root for airlines, and far too many countries use it for convenience rather than participating in the system for sovereignty that they insisted upon having. It is rumoured that the US authorities still haven't the facilities for checking e-passports that they should have and demanded others to comply with, and this sounds to be the case if IRS can't simply get the information from them!

The theory is that each country publishes (and signs) a list of things they recognize - a unilateral sovereign decision - and anyone can check it against all the other lists - a very early form of distributed ledger.

The Germans are usually the best at documenting what is going on, and they kindly provide it in English.

https://www.bsi.bund.de/EN/Topics/ElectrIDDocuments/securPKI/securCSCA/Root_Certificate/cscaGermany_node.html

_______________________________________________
WG-IDAssurance mailing list
WG-IDAs...@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/wg-idassurance

Reply all

Reply to author

Forward

0 new messages