[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [E-CARM] PKI, CAs, TTPs &c.

To: "Bob Jueneman" <BJUENEMAN@novell.com>
Subject: Re: [E-CARM] PKI, CAs, TTPs &c.
From: "Perry E. Metzger" <perry@piermont.com>
Date: Fri, 27 Mar 1998 16:00:54 -0500
cc: cme@Cybercash.COM, spki@c2.net, cert-talk@structuredarts.com
In-reply-to: Your message of "Fri, 27 Mar 1998 10:57:16 MST." <s51b8635.018@novell.com>
Reply-To: perry@piermont.com

"Bob Jueneman" writes:
> Most handwritten signatures aren't even legible, and might as well
> be a "chop". That's why most documents require you to print or type
> your name, in addition to signing. So a handwritten signature is
> only very loosely bound to the signer's identity.

More importantly, a signature on a document is not proof of
identity. It is proof of *intent*. Digital signatures are totally
unlike real signatures in that there is an expectation not only that
you've become legally encumbered by signing but that the "signature"
is expected to be an unforgeable proof. The law really has no such
absolute assumption about real signatures. The reason one typically
signs a contract is not to prove that you are you, but to prove that
you read and agreed to the terms. It is understood that by signing,
you are taking a step to bind yourself.

> Therefore, commerce as we know it today is impossible, because 
> the technology upon which it rests is insecure. :-)

Actually, I've been trying to make the point that people aren't paying 
attention to the actual concerns of commerce for some time
now. Sigh...

Perry

Follow-Ups:

Re: [E-CARM] PKI, CAs, TTPs &c.

From: John Lowry <jlowry@bbn.com>

Prev by Date: No false holographs, was Re: [E-CARM] PKI, CAs, TTPs &c.
Next by Date: Re: [E-CARM] PKI, CAs, TTPs &c. ... addenda
Prev by thread: Re: [E-CARM] PKI, CAs, TTPs &c.
Next by thread: Re: [E-CARM] PKI, CAs, TTPs &c.
Index(es):
- Main
- Thread