[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [E-CARM] PKI, CAs, TTPs &c.
Carl,
>By holographic signatures, do you mean handwritten signatures?
>
>An observation by Matt Blaze seems appropriate here:
>
>digital signatures are bound tightly to the signed document and only loosely
>to the signer
>
>handwritten signatures are bound tightly to the signer and only loosely to
>the signed document
Although there is a grain of truth in the above, it is just a grain.
Most handwritten signatures aren't even legible, and might as well
be a "chop". That's why most documents require you to print or type
your name, in addition to signing. So a handwritten signature is only very loosely
bound to the signer's identity.
As to whether the handwritten signature is bound to the signer's persona,
that is a metter that can only be judged by a so-called "expert" in handwriting
analysis. yedt there is some reason to believe that these experts may
do no better job distinguishing between a forgery and a genuine signature than
the ordinary lay person.
And as Ed Gerck has pointed out in another context, lasers can be used
to remove an ink signature without a trace, even if it was appended to every
page, and even if it weren't possible to amend the text of a printed
document without detection.
So handwritten signatures are bound only very loosely (less than 50% confidence)
to the signer, and even more loosely to the signed document.
Therefore, commerce as we know it today is impossible, because
the technology upon which it rests is insecure. :-)
bob
Follow-Ups: