Adverts from Google:
What is a signature?
There has been much discussion about the possibility of signing documents digitally. One issue which tends to be side stepped, but is an essential element, is the degree of equivalence between a digitally signed document and one signed ordinarily.
Encryption allows me to send to you a document signed with your public key, which only you can read. I can also send a document to you which is signed with my private key. Only I have that private key, and when you receive it, you can immediately verify that the document has not been altered, and that I am the only possible source of it. Much of the discussion has assumed that this makes such encryption equivalent to a signature. It is not. That a computer scientist has called it a signature as a shorthand, does not guarantee that what he means by the word is what a lawyer will mean.
Two people can sit on either side of a desk. One can write out a document (but not sign it) and then hand the document across the table to the recipient. The recipient then knows, because of the situation, that the document has come direct from the other and that it has not been altered since it was passed to him. He knows this because he saw it all. What has not happened, is any signing of the document. The signature side of encryption technology achieves exactly and only those two effects, but something additional must be incorporated in order to suggest that a document has been signed.
The element which is required is the addition by something which is accepted by convention, (and there can always be new conventions) which indicates that I do, as it were put my name to a document. Signatures already take several different formats; I can sign somebody else's name if I have an appropriate power of attorney, or a person unable to write may make a mark, or a large organisation can stamp a signature onto a cheque.
One possibility might be a signature arrangement which by convention comes to be equivalent to the appending of a signature. It might be that I would encrypt my name together with a date and time in a standard format, with a private key used just and only for this purpose. That signature is then added to the electronic document. The entire electronic document including that signature could then itself be signed with a separate key which would guarantee the authenticity of the entire document. I do not pretend to be sufficiently competent as a cryptographer to promote any one form of such a signature, but merely recognise the need.
One has only to read the above to see that this process would be very considerably unwieldy. It is, however, precisely the need to make sure that signatures are not, in general and without thought, attached to a document, which requires such, or a similar, procedure. Anybody signing a document or letter stops short, even for a brief moment, at the point where the signature is attached. Signing processes by the use of encryption will need to have some of the same element.
|All information on this site is in general and summary form only. The content of any page on this site may be out of date and or incomplete, and you should not not rely directly upon it. Take direct professional legal advice which reflects your own particular situation.|
|Home | lawindexpro | Forum ||
|| Two Doves Counselling | Faulty Flipper|
|Copyright and Database Rights: David Swarbrick 2012|