[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-CARM] PKI, CAs, TTPs &c.

A 10:32 27/03/98 -0500, Carl Ellison a écrit :
>At 10:14 AM 3/27/98 -0500, Charles W. Gardiner wrote:
>>    The world is very likely to go with an electronic system that closely 
>>the present paper system with holographic signatures, because the
>>and procedures are already established in law and custom.  There are even
>>equivalent of certificates in the business world!  All the palaver about
>>validating signatures without any local context strikes me as a waste of
>By holographic signatures, do you mean handwritten signatures?
>An observation by Matt Blaze seems appropriate here:
>digital signatures are bound tightly to the signed document and only loosely 
>to the signer
>handwritten signatures are bound tightly to the signer and only loosely to 
>the signed document

I fully agree and even add that 
   certificates and signature (even digital signature) are totally 
    different things even if related
In real as in cyber worlds

     a certificate is something enabling (appropriate) verifiers
	the check some identity claim by providing "checking elements"
	(such as age, photo, colour of eyes in real life).
	A certificate is always a "portable" credential associated
	with a reference "database" (The CA database for digital world).

     a signature as such does not exist neither in digital world
	nor in real world (even if less obvious). What would be the
	"value" of a blank piece of paper with a signature only?
	and their is no such digital signature only but always
	a signed msg or doc or a digital signature "attached" to a msg)

     in both world a signature is only a "thing" 
 	produced by someone as an element intended
		- to claim an identity
		- to testify a commitment (which semantic is wholly
			defined according to the signed document such
			as "payment instructions", "private msg", 
			"official order", aso)
	this does not prove anything
	this only enables the verifier to proceed to "verifications"
		these verifications may limit (verifiers will) to
		  cross-check against a certificate
		or mays extend to additional verification at the reference
		  data base (CA operated cert validation service, that may
		  -not must- be realised using CRLs, or simply a phone call
		  at the central data base service...)
		that does not prescribe what the ultimate verifier decision
		  should be
		  - the verifier may decide to trust the technical checking
		  - may decide he requires a second and different checking
		  - or anyhting else

As a consequence when people speak of "signature" with fingerprints
or with eye pattern reconginition, we don't use the same terminology.
These are not signatures, they are "personal authentication means"
and will not be usable in a signature as long as a "reference data base"
does not exist which use these means in the authentication process.

In addition, even if not fully relevant to this list, I would like to stress
out a few points about "handwritten signatures"
   1. there exist signed documents and no signature
   2. a signature role is not a mean to authentify, but a mean by the
	signer to "commit" somehow (according to the context:content
	of the signed document)
	it is the duty of the verifier (of the commitment)
	- to interpret the commitment
	- generaly to identify:authentify who is commiting
   3. people (citizens) DO NOT HAVE "A signature".
	people (let's choose me, PAP as an example) do "deposit"
	  a template signature in each context they need to
	  so that the verifiers can proceed to the above mention checking duty
	example : I have 1 passport and 2 bank accounts
	I have "deposited" as a reference 1 different drawing at each
	  institution that they have "termed" my signature for their
	  context and purpose.
	When I apply for a visa I need to demonstrate I am able to reproduce
	  the "drawing" deposited at the approp^riate agency and which
	  also is present on my citizen certificate (my passport)
	When I want to buy a pair of trousers and decide to pay for it
	 using my first bank account I need to "sign" a form call "check"
	 issued by this bank and using the "drawing" I deposited at this
       Of course when I write "private" and "unoficial" letters to
	  my girl friend 
	   - I have not make any formal "deposit" of a reference signature
	   - I use a specific "drawing" for use only with "nice girls" :-)
		where my name does not appear (but somehow looks like my
		first name)
	   - I don't expect my girl friend to go and check this signature
		at my bank nor at the civilian registry office :-)
	   - I simply expect she would recognize it and "trust me"
		(whereas the bank does not have to trust me, but only to make
		sure I am conforming to my commitments so that they will
		not take any risk at withdrawng money from my account
		and credit the trousers vendors account)

Globaly, even if I am cautious not to force the digital world to look like
absolutely similar to the real world, it appears that there is far less
difference between both worlds when it relmated to certificates, signatures
contracts and so on.
It afraid a reading this lsit that too many people only focus on the
unformal, private context and do give enough attention at the much
more important (in terms of business $, FF) legal and contractual context
which requires security, certs, signatures aso.

Let me terminate by a provocation. As of today neither a certificate
issued by Verisign, USPS, CyberTrust or even by EuroTrust-FR which I run
has any value at all for me. The reason is I haven't found yet any
legal or contractual context in which the people / companies / agencies I am
trading or contracting or paying with will give any credit (by form
of a paper  standard and strong contract with me) to such a certificate
(with in addition the Verisign/XXX/ EUROTRUST claim that they do not accept
any liability). I don't need trust, I (and they) need commitments / contracts 
and liability and this why the thread about "trust transitivity"
looks to me as a pure speculation and theoretical debate unrelated
with the requirements of most players I have to deal with. 


-- PAP


>Version: PGP for Personal Privacy 5.5.3
>|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
>|CyberCash, Inc.                      http://www.cybercash.com/    |
>|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
>|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
>+ For information about the cert-talk mailing list, including archives     +
>+ and how to subscribe and unsubscribe, visit:                             +
>+                http://mail.structuredarts.com/cert-talk                  +

mailto:pays@edelweb.fr		           http://www.edelweb.fr/
tel: +33 (0) 156 541 940                   fax: +33 (0) 156 541 941

Follow-Ups: References: