So ... some things:
1. To verify the public key on the RFID in the passport, you'd need a copy of the public key.
2. That would have to be stored *somewhere* and the public key would have to be scanned and sent to <location> over <network>.
3. Compare and pair the keys.
4. Presumably the TSA Agent would get a red light, or a green light (KISS principle) for the Cryptographic Validity of the RFID's data on their hand-held or base scanner thingy.
Simplified, sure. But that's mostly the correct way to do it.
The other way, is to put the public key in each scanner so it ust checks right there in the boxen.
I'll be here having a pint taking bets on how this solution gets pushed.
Biting the hand that feeds IT
