We have described how offline delegation is a natural extension to the services already offered by FR. The argument is focused on the concept of ``user in the decision loop'', and offline delegation is a consequence of this design philosophy. Offline delegation is used to delegate access rights from one user to another, in a setting where communication with FR is impossible at the time (or undesirable for some reason). To ease the exchange of delegation certificates, a method has been developed that enables two users to convey a certificate verbally. Cryptographic techniques based on elliptical curve encryption are used to facilitate short signatures so that as little data as possible has to be conveyed while maintaining a high level of security. The increased complexity in the implementation is outweighed by the advantage of short signatures.
The PDA of choice is the Palm-III, manufactured by 3Com. It was shown that performance is satisfactory even on this class of hardware. Furthermore, by utilizing the graphical user interface on the PDA, it is possible to transfer certificates (using speech) as part of a conversation between humans. Security is preserved and the performance is satisfactory.