[LINK] Australian e-Passport

[Geoffrey Ramadan]

Roger

All I have been find on the Australian implementation is:
http://www.agimo.gov.au/__data/assets/pdf_file/51350/Australian_Government_Standards_Framework_-_Part_C_-_Standards_and_Model_Specification_v0_3_5.pdf
"Australian Government - Smartcard Framework Part c - Standards and 
Model Specifications" Draft,

which highlights some of your points below.

For Linkers:
all the e-passport specifications are defined by ICAO
http://www.icao.int/mrtd/Home/Index.cfm
In particular Doc 9303
http://www.icao.int/mrtd/download/documents/Supplement%20to%206th%20Edition.Part%201.Doc%209303.Release_4.June2006.pdf
which is now up to edition 6 (June 2006)

You will also find some interesting presentation at the recent:
"2nd ICAO-Standard MRTD Symposium with Exhibition - 6 - 8 September 
2006, Montreal, Canada"
http://www.icao.int/icao/en/atb/MRTDsymposium/MRTD_06/index.html
which I found useful in getting a current snap shop of where we are upto.

It is quite clear the that adoption of e-passport has been going for 
quite some time, and that the standards are still evolving.

Regards
Geoffrey Ramadan B.E.(Elec)
Chairman, Automatic Data Capture Association (www.adca.com.au)
and
Managing Director, Unique Micro Design (www.umd.com.au)


Roger Clarke wrote:
> At 1:22 +1000 7/10/06, Geoffrey Ramadan wrote:
>> Key features of the Australian e-Passport can be found at:
>> http://www.dfat.gov.au/dept/passports/
>
> Key features?  Despite many requests made to them by APF, DFAT refused 
> to provide meaningful information about the implementation, before, 
> during or since the project began.
>
> Read the paperwork carefully, and you won't find answers to whether 
> there is additional data on the chip or not, including whether 
> something about your face, generated from something unspecified, is on 
> the chip or not.
>
> Details of the technical implementation, and the protections used? 
> Results of tests of the design?  Nuh.
>
>
>> It also sumarises how it protects data and privacy.
>
> Re security, again it abjectly fails to inform.  Is the data 
> protected, or *will* it be?  Is ICAO's spec fixed, or does it contain 
> options, and does it come in versions?  If so, which are being used? 
> And why does it still use the future tense, months after deployment?
>
> Privacy protections that had accumulated under the common law, and 
> such as were created by the Privacy Act in 1988, were torn to shreds 
> when the Passports Act was re-written from scratch, and passed by a 
> compliant Parliament.
>
>
> Quite simply, we have very little idea how the application works, and 
> no-one has ever seen a security audit report.  As far as the arrogant 
> apparatchiks in DFAT are concerned, we're all subjects, and have no 
> right to such information.
>
> The vacuous excuse of the US visa waiver program gave the spook 
> community the opportunity to sweep away human rights, and get 
> themselves open-ended authorisation for biometrics to be imposed.
>
> The complacency of the Australian public in the face of the accretion 
> of power of the national security and law enforcement agency push is 
> extraordinary, and bodes very ill for the freedoms of my kids and yours.
>