House Passes Digital Signature Bill
ElDaveo writes "Story on CNN.com: 'Forget pen and paper. In the 21st century, signing your John Hancock could be a mouse-click away. The U.S. House of Representatives has approved a bill that would allow U.S. consumers to electronically sign their name over the Internet.'" Good. Maybe now I won't need to deal with so much paper in the future. On the downside, maybe some script kiddie will hack my signature and find cool things to buy online.
IANAL. Take this with a grain of salt.
The only requirements, legally speaking, for a signature to be valid are that (a) the individual must mark the document in some way, and (b) the individual must intend for the mark to be affirmative. If you and I were to enter into a contract, either of us could sign with an X or as "Mortimer J. Humphries III" -- even if you sign with something that's not your real name, if it meets the two requirements above, it's a binding signature.
So, in light of this, the Digital Signature Act (or whatever they're calling it) is really quite irrelevant. If you and I sign an electronic contract with digital signatures, and we both mark it affirmatively, then the signature is valid -- period. (The virtue of digital signature algorithms is in that the signatures are difficult to repudiate -- while anyone could sign a contract as "Robert J. Hansen", presumably only I could sign a contract with my OpenPGP private key.)
In short, this legislation is unsurprising and unnecessary. Don't get your shorts in a knot over it; no matter how you cut it, digital signatures are already valid.
However -- to the best of my knowledge, digital signatures have not passed any kind of a court test. Instead of waiting for the courts to establish that digital signatures are valid (a process which could take years), the Legislature has just informed the courts that digital signatures are valid.
The last time I checked out the various digital signature acts, they (wisely) didn't specify algorithms to use, key management methods, etc. All they did was instruct the courts that digital signatures were valid, except in certain critical instances where physical signatures are viewed as more secure.
Presuming the telephone network is secure, particularly if you're not using digital signatures on it. ;-)
;-)
Even if it's not, all the dial-out thing would do would be to confirm that someone at that phone number picked up the phone and said, "sure". The only way to really be sure it was him/her would be if you used a digital signature.
Let's not even talk about how clunky this would be to implement.
sigs are a waste of space
I'm talking about fundamental weaknesses being found in the encryption algorithms. Pre-WWII algorithms were breakable by any cryptanalyst out there with relative ease, regardless of key size, for about 100 years. The only uncrackable system was Enigma. Enigma was busted in roughly 5-10 years, at which point, it didn't matter what was done.
It is conceivable (and indeed, it's sort of expected) that at some point each of the algorithms out there will suddenly have simple solutions, at which case decryption will be trivial.
Similarly, with the advent of things like quantum computing, key length might become irrelevant regardless.
I can't count how many times over the last 7 or so years I've had to re-generate my PGP keyring because I've lost the keyfiles or the computer crashed, or I'd forgotten to back 'em up before wiping for a full re-install or some such thing.
... now I've typed it, maybe not.
My problem has been key possession, mostly.
I thought things looked good a few years back when the various Java ring/embedded Java toys started to make their presence felt (free Java rings for developers, hoo boy!), but these seem to have gone nowhere and are not in any open format that allows transportability - at least not that I know.
So where do I keep my keys? Anyone know of a list of good resources for this sort of problem - I'd imagine it's a common one, probably solved by now with some Palm app or some such thing, but it's a real hassle to be platform-bound for key possession, so what're the solutions?
These small info-button'esque issues are a bit of a drag, actually. Credit card companies got it right - the plastic Visa card is a pretty good hardware platform - but that's a whole different can of worms.
Maybe I should consider getting my public key tattooed on some nice private part of my body, unobtrusive-like. Ummm
Private key jewelry, anyone?
; -- the corruption of government starts with its secrets. a truly free people keep no secrets. --
Here's the bill, HR1572.
The best reason to legalize digital signatures is for age verification purposes. Right now, the only way for a web site to verify a customer's age is if they provide a credit card #, a very poor method.
With standardized digital signatures, a central resource can be created where you register your signature, along with enough data to verify your identity. This agency (probably a government one) can then act as a server for verification. When you attempt to access an 'adult' site, you submit your digital signature, and the site checks with the agency's server to compare the signature you provided with one on record at the agency. If it's a match, you're allowed in. If not, when the vendor requests verification, the agency's server would simply give them an error stating that you're not subscribed, and therefore not of age. (I call it a subscription, but no fees should be charged if it's a government run agency.)
It's more secure than the credit card method, and finally makes it easier to simply enforce standard laws about providing such material to minors, since there would be a way for web vendors to verify their customer's age. Of course, this is difficult to enforce outside of sites that literally proclaim themselves to host porn; but for those who do, regular federal laws can be enforced without as much controversy. It might help get this 'Internet porn' media-hype off our backs.
The biggest flaw is, like I said, someone has to run the confirmation agency, and that agency has to be able to verify your identity and age. The records at that agency should be very secure, and none of that would be given out to anyone verifying your age via signature... if you're not of legal age, that particular agency would simply deny you to sign up with their service, meaning you can't verify your age with the vendor.
The other flaw is that vendors could use the public key service that allows your signature to verify other documents to figure out who you are, and keep a database, but this isn't any different from a regular porn shop keeping credit card records, so it's a moot point. You lose a little anonymity, but any company that fails to keep its records secure won't get much business in the long run anyway.
This seems to be the best method for allowing adults to legally get what they want with the minimal amount of hassle, while preventing minors from doing the same (within reason... no system is perfect, yadda-yadda-yadda, this is just the best one I can think of that's not too arbitrarily restrictive.)
And of course, this has no legal effect on Usenet or mailing lists, since subscribing to such content is just like subscribing to Playboy... you made your intent clear by requesting it in the first place; whereas web shops are like physical stores that you could wander into by accident without knowing what they were (until you saw the dildo display, at least :) ). At that point, it becomes the vendor's responsibility to shoo kids right back out the door.
Please, feel free to comment... I'd like to know just how many people think this would be practical and/or effective.
That's why you have the equivalent of a digital notary. Different systems work different ways, but essentially it always boils down to another party "vouching" for your signature (saying it's really you), and signing your signature.
One thing that is fairly easy to prove is that the same signature was used for multiple documents. So, for example, one could say, "well, if it wasn't you, then who signed for the mortgage on your house???!?!"
I haven't seen the details of the bill. However, what electronic signatures are about is this: a cryptographically strong hash digest of the document is encrypted by your private key, forming a resultant certificate that could only (to the extent the encryption used is strong in this regard) be created with your private key. Your public key is then used to decrypt the certificate, producing a result identical to the regenerated hash digest of the document.
You want to buy a house. You find one on the web for sale, and after doing the virtual tour, you decide to buy. You create a document which is an offer to buy the house. You sign the document with your key and send it to the seller. The seller verifies that you indeed signed the document and decides to accept your offer. She then creates a new document accepting the offer (with all the other stuff attached), and signs it with her key, and returns it to you. You make plans to move in.
In theory it can work. In practice there may be many pitfalls that have not been tested out. If people fail to understand how cryptographic signing works, they could fail to verify that the expected person did indeed sign the document. Human error can still foul things up, and we all know the power of computers is most effective at amplifying human screwups.
I recall a philosophy class I had in college where the professor asserted that there were many things computers simply will not be able to tell us. I immediately rebutted saying, there may indeed be such things, but computers still have the power to make people believe what it says, truthful or otherwise.
I am particularly concerned about things like legal notifications being sent to you via e-mail. For very important documents, even postal delivery is not good enough. Some require a return receipt, and some require identity verification (not so much for privacy, but to verify that delivery was made) for delivery. What mechanisms do we have in place, or just have, that can do all this?
What if I get a court summons delivered electronically in a format that isn't a standardized format, and because of that I am unable to read it (even though the e-mail system has already acknowledged delivery of the mail in which it was an attachment)? One thing we definitely need here is to make sure that any delivery of such things absolutely must be in an open and widely implemented format.
E-mail addresses are not as fixed as postal addresses. If you change ISP, you may end up with a new e-mail address. Or would you feel good about getting your jury duty letter on Hotmail? But then, in about 10 years we'll be serving on juries electronically, anyway.
Not everyone is yet wired. And that probably won't be the case for quite a while. How will they get their important legal e-mail?
My biggest concern, however, is, as you can guess, security. And guess where the least secure computers tend to be.
now we need to go OSS in diesel cars
I've introduced PGP to a number of workplaces, and thanks to the admirable efforts of the pgp people, using pgp is now relatively easy for even the average semi-computer literate office worker. But for those same computer semi-illiterates, the concepts behind what you're actually doing when you click the 'sign this' button in the email window are still not that clear..
As a consequence, and despite my best efforts, I've seen people put their private keys on shared servers, email the wrong key to friends, you name it. I'm dying to be able to eliminate a couple of absolute bottlenecks in my workplace caused by the need for 'original' copies of signed documents to be physically moved from one location to another, but the software used has to be made a bit more idiot-proof first.
I can't in conscience accept a digitally signed document from a user who I know for a fact put their private key up on a shared server just last week. Until I know that that user has either grasped the basic concepts (and has a new key..), or is using software which protects him from his own ignorance, I'm going to have to continue to deal with paper sigs. Others may not feel like being so paranoid or ethical.
I can see that a signature would identify someone as having agreed to a contract, but how does this help people on the web? Outpost.com doesn't need my signature when I order from them, does any e-tailer?
Maybe this will mean more government paperwork can be done online, such as tax filing, but other than that I don't really see too many benefits to digital signatures.
___________________
rooooar
Okay, I'll admit it. I'd be scared to use a digital signature that's as legally binding as a pen and paper one. While you do make some good points I just can't trust encryption with anything real important. We've all seen what can be cracked if enough people put their minds to it. For this to work there will need to be a standard and there's a good chance that either the US Gov. or Microsoft will try and design that standard. Frankly, I trust neither.
- Apple Computer......proudly going out of business for over twenty years.
Yes, but the same is true of handwritten signatures as well.
There are several authentication models out there. One of them is the "flat" model, where you have a single authority that everyone trusts. For example, verisign offers a service where you go to a notary, and get authenticated, with photo ID and real signature, and all that, and maybe a witness. Then verisign will sign your digital key, so people that trust verisign can trust your key.
The other model is called a "web of trust". Essentially, you sign the keys for anyone who you know whose key it is. So if your friend gives you his key on floppy disk, you can sign it. All the signatures get sent to a keyserver. So for example, let's say that person A knows person B, who knows person C, who knows person D. Person A does not know persons C or D. Then, one day, person A needs to use person D's key for some reason. Person D's key is signed by person C, whose key is signed by person B, who you trust. So you can give marginal trust to person D. If there are multiple trust paths to the key in question then it gets more trust. The problem with the 'web of trust' model is that it assumes ubiquitous use.
In the real world, handwriting does the same essential thing.
Now, if we were to combine the two in some manner, we would, IMO, have a viable way to perform all types of transactions online. It would be a visual signature - for the technically un-inclined - and a digital PGP type code for those who need to check for the accuracy of the signature. I imagine there could be a plugin type application for validating them as there is with PGP. The PGP-like ID would be possibly placed within the image in HEX, or some other method. Maybe a digital 'watermark'.
We shall see, hmmmm?
-------
CAIMLAS
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
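The two trust models in the post above (a single authority everyone trusts, versus a web of trust in which marginal and full trust flow along chains of key signatures) are easier to reason about with a small model in front of you. The following is an added example for this page, not code from the post or from PGP. It implements the post's own rule of thumb over a constructed certification graph of hypothetical people A through F: a key we signed ourselves is fully trusted, one chain of signatures gives marginal trust, two chains that share no introducer give full trust, and a key with no chain at all stays unknown, which is the "assumes ubiquitous use" problem the post ends on. Real PGP implementations use configurable thresholds (GnuPG's marginals-needed and completes-needed settings) rather than this path count.

```python
"""Path-based key trust in a web of trust, following the post's rule of thumb:
one chain of signatures to a key gives marginal trust, two independent chains
give full trust, no chain leaves the key unknown."""

# Constructed example certification graph: signer -> keys that signer has signed.
# The labels are hypothetical people, not real keys.
CERTS = {
    "A": {"B", "E"},  # A (us) checked B's and E's keys in person and signed them
    "B": {"C"},
    "C": {"D"},
    "E": {"D"},
    "D": {"B"},       # a back-edge, so the graph contains a cycle
    "F": set(),       # F has signed nobody, and nobody has signed F
}


def trust_paths(certs, me, target, max_depth=4):
    """Return every simple certification chain me -> ... -> target of at most
    max_depth hops. Each hop means 'the earlier key has signed the later key'."""
    paths = []

    def walk(node, path):
        if len(path) - 1 >= max_depth:
            return
        for signed in sorted(certs.get(node, ())):
            if signed in path:  # never revisit a key, so cycles are harmless
                continue
            if signed == target:
                paths.append(path + [signed])
            else:
                walk(signed, path + [signed])

    walk(me, [me])
    return paths


def independent_paths(paths):
    """Greedy count of chains that share no intermediate key, so that one
    corrupt introducer can only take down one of them."""
    used, count = set(), 0
    for path in sorted(paths, key=len):
        middle = set(path[1:-1])
        if middle.isdisjoint(used):
            used |= middle
            count += 1
    return count


def trust_level(certs, me, target, max_depth=4):
    """'full' for keys we signed ourselves or that have two independent chains,
    'marginal' for a single chain, 'unknown' when no chain exists at all."""
    if target == me or target in certs.get(me, ()):
        return "full"
    n = independent_paths(trust_paths(certs, me, target, max_depth))
    if n == 0:
        return "unknown"
    return "full" if n >= 2 else "marginal"


if __name__ == "__main__":
    for key in "BCDF":
        print(key, trust_level(CERTS, "A", key))  # B full, C marginal, D full, F unknown
```

For A, B comes out full because A signed it directly; D is full via the two independent chains A-B-C-D and A-E-D; C is only marginal because its second chain A-E-D-B-C reuses B, so both chains stand or fall with B; F is unknown. Delete E's signature of D and D drops to marginal, which is what the post's "multiple trust paths" remark amounts to.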
the thing that interested me was that the poll ("Should e-signatures be legal signatures") was split 54/46 Yes/No when I voted. what does this indicate? lack of trust in digital signatures? lack of understanding? or does just no one care enough to be bothered?
(darren)
- a key is stolen (and used against you)
- a key needs to be retracted before the normal expiry date (e. g. if you think it might have been stolen
- someone you trusted who authenticated other parties turns out to be not trustworthy - your entire "web of trust" might collapse due to this (e. g. if some official certification authority turns out to be corrupt)
The first two problems are partly of technical nature, since security holes in computers will always exist, but the more difficult aspects are social implications and laws that regulate how these signatures apply to real life.
...are secondary to we the corporations...
I find these bills amazing, as they're almost designed to increase commerce without regards to the cost of citizens.
This law may, in time, turn out to be a good and just law, but still I wonder whom the laws are written for, the corporations or the people.
-----
No Zen is good zen
Several posts thus far have accused the Congress of being "brain-dead" or "ignorant" of technological issues. While the conclusion may be true, this bill is not evidence therefor. Indeed, far to the contrary, this bill is an extraordinary step: Congress is getting government OUT OF THE WAY of technologists and the marketplace.
To the contrary, these postings manifest a lack of understanding of the *legal* purpose and effect of a signature (which is all that the bill addresses). One post stated:
Signing a document has two purposes:
* authenticity
* non-repudability
However true this might be for practical uses of signatures, the signing of a document for legal purposes has nothing whatsoever to do with either "feature," as they appear to be understood here. ("Authentication" doesn't mean what I think he thinks it means.) Indeed, nothing about ink-on-paper signatures, which are trivially forged and transferred from one document to another, provides either of the cited functions.
And it is certainly true that a panel of computer lawyers at the ABA (and the state of Utah) felt that a set of express standards for signatures by electronic means was needed to assure authentication of and non-repudiability by the signer. On the other hand, the clear trend today in state legislatures is instead to adopt more minimalist bills, such as the one that passed the House, that simply assure that electronic instruments are treated no more or less formally than paper writings. Here's why:
In almost all of the United States, we still have a body of law entitled the "Statute of Frauds," which provides that certain types of agreements (e.g., sale of goods > $500, transfer of real estate) are unenforceable unless a "sufficient memorandum" is signed by the party against whom enforcement is sought. Other laws likewise require formalities for certain documents, such as deeds, wills, assignments of certain kinds of intangible property and the like be signed by certain parties.
Here, the purpose of these laws is, supposedly, to avoid swearing matches by giving the world an incentive to make physical, tangible manifestations of the subject matter of the agreement. But the effect of the law is that a market participant, even though he had agreed in full to a contract and even if he fully intended at the time to go through with it, may actually avoid its enforcement later on the purely technical ground that there exists no writing signed by him.
Interestingly, except for certain instruments, the tangible manifestation is not as important as the fact that it was made: you could enforce a document with credible testimony that a signed writing existed in the past. In any case, it is that manufacture of that manifestation that is important for legal policy.
The signature itself, for legal purposes, does not serve to authenticate who was the document's signer, or to avoid repudiation: it is merely to authenticate the document as the one agreed to by the parties -- to distinguish, for example, a draft from the "real thing." The legal technicalities of signature are few. The following have all been found to be valid:
- printing an "X"
- making a scratch on the paper
- shaving a name on the side of a cow
- writing someone else's name
- typing your name
- asking Western Union to type your name
which of course does nothing to identify the signer or to assure non-repudiation. Nor does the common law require that document to be signed, if the signature is placed on another instrument (or bovine mammal) in such manner as to manifest intent to authenticate that document. Papers have been written with bizarre examples of what constitutes a signature. Under the UCC, a signature is any fixed tangible manifestation of an intent to authenticate the document.
On the other hand, when I am attending the closing of a zillion-dollar sale of a chain of hotels, and the principal of the seller walks up to one of the documents and notes that he heard he could sign "Minnie Mouse" or scrawl an "X" on another piece of paper, I politely ask him (if he is not illiterate) to write his name in cursive on the contract itself. If he refused, I'd advise my client to consider putting off the closing.
Why? Because while these methods of signature are legally sufficient if *he* in fact *intended* to sign, I might still someday need to use these documents to evidence those facts. The legal sufficiency of a document is an entirely different thing from the practical security that sometime, someday, he might change his mind and "misremember" why he signed "Minnie Mouse," or marked only a vertical line or "X." (Remember, it is all about the manifestation of an intent to authenticate.)
On the other hand, for less significant transactions, we hardly care one way or the other whether or not we can prove or disprove *WHO* signed the document or why -- we just want there to exist barely minimal legally sufficient documents to avoid a technical defense based upon the Statute of Frauds.
It's all about Eggs in Baskets. The realities of the marketplace determine what "technologies" for signature an individual will use, and what "informal," but legally sufficient signatures will be accepted. Each buyer and seller will decide for himself and herself what to require of the other.
Many valid signatures are commercially unacceptable for those reasons. On the other hand, while this is a non-problem, the concern is that a commercially acceptable signature might be held to be invalid! The law serves only to provide the minimum requirements for a signature to be valid (as opposed to "commercially acceptable.") The marketplace determines what technologies it will use and accept.
Which brings us to the ESA. Asymmetric encryption now provides (under certain circumstances) greater security to prove authenticity, which is an excellent reason to use electronic signatures in lieu of "traditional" technology, particularly for on-line transactions. On the other hand, it is not for the law to determine what technology should be used -- the law should only undertake to assure that a sig is valid and leave it to you and me to decide what we will accept.
The mind-loss would be to adopt some 50 plus pages of specification as to what is and what is not a valid signature and providing an entire new kind of litigation on the formalities of a contract. "Sorry, you don't get to keep the house, your certification authority's license expired the day beforehand." Such technical defenses would be brain-loss at best.
Whether a vendor should accept the following e-mail:
"I will buy five million widgets at $25,000 apiece, 2%/10 net 30. love andy"
is entirely up to him. Whether a court will enforce these price terms if Andy admits he sent it, on the other hand, is another issue entirely. On the other hand, if commercial exigencies make it practical and financially more efficient to permit that exchange by e-mail, the law should not get in the way.
As an aside, it is almost certainly the case that the foregoing e-mail would satisfy the Statute of Frauds. It's just that in the absence of case law, a market participant can't be assured that it is. We abundance-of-caution-types would stick to pen-to-paper, even if it cost a bit more and took a bit longer, because we KNOW that the courts will accept that. It is for these people that this law exists -- to give them some comfort concerning what is almost certainly the law today -- there will be no technical defense to enforcing an agreement on the ground that the agreement was signed in electronic form. It is up to the market participants to determine if the mode of signature used gives them enough comfort that they will be able to prove that the document was in fact signed by the other party.
Hats off to a Congress that showed, in this case, a far greater savvy about electronic signatures than the ABA and many technologists. ESA does precisely what it is supposed to do: make crystal clear that there is no technical defense on the ground that an electronic document is not a "writing," or that a typed signature is not a "signature," while leaving it to the marketplace to decide what signature technology it will prefer to use.
Wow. I'm never putting a .sig on anything else again. ;)
This sig is false.
How tough are PGP signatures to crack? If you make it more trouble than it's worth -- i.e., nobody's going to spend $100,000 on computers to get at my crummy atm card with a $200 limit -- I can see how hacking may be averted. But then, there was some encryption that supposedly would have taken 50,000 years of computing time to crack and ended up taking only 35... may have been the latest distributed.net challenge, not sure... but the point is that everything is hackable but it's still a matter of time. Normal people won't use 35 years of computer time to crack digital signatures, unless it's worth a whole lotta money.
"Cause there's 40 different shades of black, so many fortresses and ways to attack, so why you complainin'?"
IANACryptographer, I just listen reeeel goood, and read the right stuff. The following is what I recall from an RSA2000 presentation:
Actually, many digital sig algorithms are not as secure as you say; for example, almost all algos that don't spit out a piece of the intended original message along with the hash of it are vulnerable to what is called 'existential' forgeries--any collection of gobbledygook fed to the verification algo will spit out another collection of digitally signed gobbledygook. Useless, but interesting.
More interesting is that if one is careful, many algos are vulnerable to a mathematical trick that if you can get someone to sign off on a few separate things, then tie them together, one can use the signatures of each part to create a signature of the whole. The parts may be acceptable in their own contexts; the whole may not be anything near acceptable.
Returned Peace Corps IT Volunteer
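The mechanics several posts in this thread describe in words (a hash of the document "encrypted" with the private key, the house-sale offer and acceptance exchange, and the two forgeries the RSA 2000 post recalls, existential and combining signatures of separate parts into a signature of the whole) are easiest to see in working code. The following is an added example for this page, not code from any poster or from PGP. It uses textbook RSA with SHA-256 in pure Python, the one scheme where "encrypt the hash with the private key" is literally what happens; the key size, the house-sale messages and the invoice strings are constructed for the demonstration, the key generation is a toy, and nothing here is padded the way a real signature scheme (RSA-PSS, Ed25519, OpenPGP's formats) is, which is exactly what lets the forgeries work.

```python
"""Toy textbook-RSA signatures (no padding, demo only): hash-then-sign and raw-RSA forgeries."""
import hashlib
import random
import secrets

def _is_probable_prime(n, rounds=32):
    """Miller-Rabin primality test; plenty for a demo key."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        p = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if _is_probable_prime(p):
            return p

def keygen(bits=512):
    """Return ((n, e), (n, d)). n must exceed 2**256 so a SHA-256 digest fits."""
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this is gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))

def digest(doc):
    return int.from_bytes(hashlib.sha256(doc).digest(), "big")  # the number actually signed

def sign(private, doc):
    n, d = private
    return pow(digest(doc), d, n)

def verify(public, doc, sig):
    """Recompute the hash and compare it with the hash recovered from sig."""
    n, e = public
    return pow(sig, e, n) == digest(doc)

def house_sale(buyer_keys, seller_keys):
    """Offer / acceptance exchange; returns what each verification reports."""
    buyer_pub, buyer_priv = buyer_keys
    seller_pub, seller_priv = seller_keys
    offer = b"Offer: 12 Elm St for $250,000, closing 2000-07-01. -- buyer"  # constructed
    offer_sig = sign(buyer_priv, offer)
    offer_ok = verify(buyer_pub, offer, offer_sig)  # seller checks before accepting
    acceptance = offer + b"\nAccepted on the above terms. -- seller"
    acceptance_sig = sign(seller_priv, acceptance)
    acceptance_ok = verify(seller_pub, acceptance, acceptance_sig)
    tampered_ok = verify(buyer_pub, offer.replace(b"250,000", b"150,000"), offer_sig)
    transplanted_ok = verify(seller_pub, offer, acceptance_sig)  # sig moved to another doc
    return offer_ok, acceptance_ok, tampered_ok, transplanted_ok

def raw_sign(private, m):
    n, d = private
    return pow(m, d, n)  # no hash: the bare number is the message

def raw_verify(public, m, sig):
    n, e = public
    return pow(sig, e, n) == m

def existential_forgery(public):
    """Pick any s; m = s^e mod n is gibberish that s validly signs, no private key needed."""
    n, e = public
    s = random.randrange(2, n - 1)
    m = pow(s, e, n)
    return m, s, raw_verify(public, m, s)

def multiplicative_forgery(public, private, m1, m2):
    """Get two harmless numbers signed; their product mod n is now signed too."""
    n, _ = public
    forged = (raw_sign(private, m1) * raw_sign(private, m2)) % n
    target = (m1 * m2) % n
    return target, forged, raw_verify(public, target, forged)

def hash_blocks_combination(public, private):
    """Multiplying two hash-then-sign signatures signs hash(d1)*hash(d2) mod n, the hash of nothing."""
    d1, d2 = b"invoice 17", b"invoice 18"  # constructed
    combined = (sign(private, d1) * sign(private, d2)) % public[0]
    return verify(public, d1 + d2, combined)

if __name__ == "__main__":
    buyer, seller = keygen(), keygen()
    print(house_sale(buyer, seller), existential_forgery(buyer[0])[2])  # (True, True, False, False) True
    print(multiplicative_forgery(*buyer, 2, 3)[2], hash_blocks_combination(*buyer))  # True False
```

Run as-is, the exchange reports (True, True, False, False): both honest signatures verify, the offer with one digit of the price changed does not, and the seller's signature moved onto the buyer's offer does not. Both forgeries succeed against raw_verify, where the verifier just recovers a number and accepts whatever comes out, without the forger ever touching the private key. With hash-then-sign the same algebra still holds, but the forged numbers are hashes of no document anyone can produce, so the last call reports False; that gap between "a valid signature on some number" and "a valid signature on a document I can show a court" is the whole point of hashing and padding before signing.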
I was at a web site and it asked me to "sign" an agreement by typing my name into a signature box. By typing my name in there, I agree to the terms. Is that what these buffoons consider a digital signature?
OK, let's assume this is a real digital private-key sort of a thing. What about the logistics? Who signs your key? The new Verisign/Thawte monopoly? May God help us all if so. Even if not, keep considering.
We are talking about typical Americans here folks. The same flock()ing idiots that are my users that post their account password on their monitor, the same idiots like our students who get a sheet listing their ID and password and I end up finding them lying around in the cafeteria, halls, and classrooms later.
A "real" digital signature using a private key is cool because it combines "what you know" with "what you have" (passphrase and the key respectively). Pass phrases will be passed around, and users will lose their keys and/or not protect them either.
On the other hand, written signatures are about useless now anyway. How many of us have signed the new credit card terminals that are just basically digitizing the signature you scribble on the screen? I've always feared those tablets also record stroke and weight. If so, run that data through a plotting device with a traditional pen and crank out all of the "legitimate" signature copies that you want. (Which is why I always trash my signature when signing those stupid things, by writing something and inserting the name of the store over top of it, like Ken 'best buy' Weaverling, but kind of overlapped.)
Actually, the main thrust of this bill is to provide for a standardized, cross-state acceptance of digital signatures; mostly for legal documents and whatnot--electronic filing of court documents, yadda^3.
As it is, each state has their own law or version of a law (UETA) that is for the most part incompatible with the other laws. So, a contract digitally signed in one state is invalid in another; which severely limits the usefulness of digital signatures, naturally.
I always write checks with a ball-point pen. This makes it more difficult for someone to alter or forge a check. The ink isn't easily bleached and the paper records the pressure patterns of the writer.
Mea navis aericumbens anguillis abundat
Hmm. Conspiracy-minded much? I agree with the principle of watching out for Big Bro, but I can't quite get nervous about the scenario you foretell. Even with the increasingly awesome number crunching capabilities we have today, you are talking about one *hell* of a lot of data when you say every digital signature in existence. I doubt that anyone but the most significant of people will attract the attention and merit the resources necessary for such a feat.
No, they are talking about strong cryptography and public-key authentication. Basically you take a hash of the data (probably the date, credit card number, and amount; but could be anything) and then encrypt it with your private key. The data can be decrypted with the public key, verifying that the private key was the one to encrypt it. Or something like that.
It has nothing to do with your actual signature.
Something else the CNN article covered in the same segment (because it's in the same bill?) would allow companies to substitute email notification for pmail notification.
There would be no requirement to send a paper copy of the document.
There would be no requirement to obtain proof of delivery.
The segment then had several talking heads - always from the industry - assuring us that only a few crackpots afraid of technology they don't understand were upset by the provisions of this bill. Most people *wanted* to be able to visit a web site and sign a contract for, oh, health insurance and get an immediate email confirmation.
The critics raised dire (but always "unsubstantiated") fears that people would get nailed by late fees or policy cancellations because they never received the email notifications. In the worst case, they could lose their house to foreclosure.
N.B., this is not something which only people who aren't making payments need to worry about, nor are these fears unsubstantiated by experience. It's a significant problem today - ask any victim of identity fraud.
While a company should theoretically verify the digital signature of all documents regarding change of address and change of signature, history shows that the companies will bend over backwards to "help" the customer who lost his information due to a disk crash while moving, lost it due to a virus, or a dozen increasingly more bizarre reasons.
Considering the fact that I write so few checks (preferring direct payment) that I often forget to sign the laser-printed jets -- yet they are still accepted without a problem -- and the funny look I got from one bank rep who was critical of home printed checks because they were too easy to fake ("but that's why you have a sample of my signature!"), I doubt companies would ever check the signatures until the lawyers get involved in a dispute.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
there's a good chance that either the US Gov. or Microsoft will try and design that standard. Frankly, I trust neither
- ---------------
I hear that! Let's call up the MPAA and get whoever they hired for CSS! First Class Security! Awwwww shit yeah!
------------------------------------------
First of all, for those of you who are concerned that this opens up some huge problem in security because bits can be copied easily, please read up on digital signatures and how they work. Rest assured that provided you use them properly, it is VERY hard for someone to add your digital signature to another document (unless the contents of that document are bit-for-bit the same as one you've already signed --in which case, who cares?).
The concern I have is that this is based on what we CURRENTLY know about encryption technology. I've been reading up on the history of cryptography, and it really looks like a horse race between code makers and code breakers. The thing is, the code makers HAVEN'T been consistently winning. Indeed, if you look back in history prior to the 1970's, you'll find that there were very limited periods of time when code makers were winning, and frequently it was only for short periods of time.
What's going to happen when the inevitable happens? Particularly if cryptographers don't have a new discovery to replace the broken approach. Once the infrastructure of using digital cryptography is in place, it's going to be hard to undo it (case in point: how companies/governments/individuals elected to avoid Y2K problems by simply pulling the plug?).
I don't think this is a reason not to use digital signatures. I think it's a reason to start thinking NOW about how to handle the seemingly inevitable moment when someone figures out how to crack existing approaches... particularly if there is no replacement.