[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-CARM] PKI, CAs, TTPs &c.


>By holographic signatures, do you mean handwritten signatures?
>An observation by Matt Blaze seems appropriate here:
>digital signatures are bound tightly to the signed document and only loosely 
>to the signer
>handwritten signatures are bound tightly to the signer and only loosely to 
>the signed document

Although there is a grain of truth in the above, it is just a grain. 

Most handwritten signatures aren't even legible, and might as well 
be a "chop". That's why most documents require you to print or type 
your name, in addition to signing. So a handwritten signature is only very loosely
bound to the signer's identity.

As to whether the handwritten signature is bound to the signer's persona,
that is a metter that can only be judged by a so-called "expert" in handwriting
analysis. yedt there is some reason to believe that these experts may 
do no better job distinguishing between a forgery and a genuine signature than 
the ordinary lay person.

And as Ed Gerck has pointed out in another context, lasers can be used 
to remove an ink signature without a trace, even if it was appended to every 
page, and even if it weren't possible to amend the text of a printed 
document without detection.

So handwritten signatures are bound only very loosely (less than 50% confidence)
to the signer, and even more loosely to the signed document.

Therefore, commerce as we know it today is impossible, because 
the technology upon which it rests is insecure. :-)