Idea: up-to-date business card

Dean Collins Dean at cognation.net
Wed Mar 14 21:29:38 CET 2007


Hi Matthew,
You might want to have a chat to Scott Shaffer who writes a blog called
The Pondering Primate.
http://theponderingprimate.blogspot.com/

He goes nuts for that kind of stuff.

 

Regards,

Dean Collins
Cognation Pty Ltd
dean at cognation.net
+1-212-203-4357 Ph



> -----Original Message-----
> From: community-bounces at lists.openmoko.org [mailto:community-
> bounces at lists.openmoko.org] On Behalf Of Matthew S. Hamrick
> Sent: Wednesday, 14 March 2007 4:13 PM
> To: Ole Tange
> Cc: OpenMoko community
> Subject: Re: Idea: up-to-date business card
> 
> Yeah... this is called "Meishi." I developed it while I was in Japan.
> 
> The idea was that you put a unique bar code on the bottom of your
> business card. The code is essentially a serial number and URL to
> your online Meishi server MACed with a secret key you maintain. You
> give your business card to someone who snaps a picture of it with
> their phone. Software on the phone extracts the URL from the picture
> and communicates with your Meishi server, registering itself with the
> serial number provided. The business card recipient then completes
> the transaction by giving their Meishi URL to your server. After the
> protocol is completed, you both have each other's "Meishi URL" that
> you both can use to receive phone and address updates.
> 
> An extension to the service also allows the person you gave your card
> to to put their public key fingerprint on their card and pass it back
> to you. This public key could be used to verify pseudo-identities.
> 
> Not all of the system would (or should) be required, you're likely to
> deal with a lot of people who don't have "Meishi System" business
cards.
> 
> A couple points to remember:
> a. you're using a secret key and a Message Authentication Code, so if
> your secret key is revealed, you get no forward security and you have
> to toss all yer business cards that use it.
> b. your business cards turn into "one time use" tokens. If you give
> your business card to person "A" (whom you like) but they share it
> with person "B" (whom you can't stand), there's nothing that prevents
> person "B" from registering with your server unless you add an
> additional layer of authentication.
> c. there's nothing that prevents people from copying your information
> and giving it to someone else. The thing that is hard is for them to
> give someone else the right to get updates.
> 
> It is, of course, a bit more complex than this, and I never did
> anything more than write a couple prototypes.
> 
> At some point I would love to add support for ECC for some
> transactions and IBE (Identity Based Encryption) so if you want to
> work with me, i'll probably have some time in May to work on such a
> system.
> 
> I thought for a while that I would patent the concept and try to
> license the concept of generating serialized business card stock to
> people like Avery, but then I realized having to pay an additional
> fee for business cards would seriously hamper adoption. So to the
> degree that such a process is patentable, I would not seek to do so.
> And to the degree that someone else would try to patent such a thing
> after 2001 (when I was in Japan) it would probably serve as prior art.
> 
> Also... Xerox PARC had this project that embedded digital information
> into screen-printed pictures. I always wanted to embed my Meishi data
> into such a thing. That way you could put a picture of yourself on
> your business card and it would have your Meishi information hidden
> in it.
> 
> -Cheers
> -Matt H.
> 
> On Mar 14, 2007, at 12:19 PM, Ole Tange wrote:
> 
> > If I receive a business card it sometimes happens I try to call a
year
> > later. At that point the person has a new phone number and I will
have
> > to look that up. I would much rather receive an intelligent business
> > card that was always up to date.
> >
> > To secure anonymity we will need a protocol that will allow me to
get
> > the new information without everyone knowing I got that. It will be
OK
> > if the original person is informed. Maybe using some kind of web of
> > trust?
> >
> > /Ole
> >
> > _______________________________________________
> > OpenMoko community mailing list
> > community at lists.openmoko.org
> > http://lists.openmoko.org/mailman/listinfo/community
> 
> 
> _______________________________________________
> OpenMoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community




More information about the community mailing list