Congress Moving On E-Signatures
Silas writes: "Well folks, Congress is moving along with attempts to make digital signatures legally binding for online transactions, public and private." Many pros and cons if this goes through, but I'm definitely looking forward to reducing my mail.
We're really privileged to be witnesses to the birth of a new industry - forged digital signatures! Signatures of the rich and famous! Soon we'll be keeping autograph books in our PDAs. Wow, Tom Cruise's dig-sig has sooo many zeros!
"Stop whining!" - Arnold, as Mr. Kimble
The article tells us that the senate is moving for digital signatures that are as legally binding as a pen and paper signature. Does that mean that current internet documents that are "digitally signed + legally binding" are, in fact, NOT legally binding? (Case in point: the Napster-getting-unbanned-by-Metallica declaration?)
Does this mean that, in its current state, a legally-binding, digitally-signed document does NOT exist?
- CitizenC
Use Evolution instead of Outlook? Bewa
Actually the DNA in identical twins starts diverging rather early on. Viruses are the main culprit.
Thank you for your concern, yes I have given it a lot of thought, & no my knee usually jerks in favor of new technologies. After extensive experiences with the possible consequences of liability accruing due to accidents & whatnot.
I envision a magnetic strip card which empowers a $pay$ key. A decent attorney could probably make a complete fool of any victim who claims they accidentally left the card in the machine.
On a world wide basis, most people prefer NOT to type in pass phrases, most kids know their parents *pin numbers* & in all likelihood the machines will be configured to ALLOW accidents.
I go beyond Murphy's Law to Masonic Conspiracy.
I think the first time a dirty toilet AUTOMATICALLY flushes your butt with filth you will begin to see some things ought to be under the explicit control of mortal men.
You can make many new friends & rid yourself of strange maladies by shouting out in public places; "Damn Free Mason, female, fascist, freaks [O.E.S.] are burning my [insert correct body part here] with MICROWAVE LASERS"
Being that I didn't specifically mention 'electronic key legislation' the moderator who got my post couldn't understand that a child who accidentally activated a numerical key [probably several pages in length & therefore residing on the hard drive] might cause problems [like kids who run up phone bills].
So maybe I should spell it out with a paint roller for these Wunderkinde. Once them shysters smell money they'll probably have a [cash] button like [web] buttons etc sitting in the middle of your keyboard. If you think that Windows is a cheap piece of cr*p, try programming a pc that has been DELIBERATELY screwed up to avoid monetary tampering.
When computers came out one man could put together a neat program. Now with the **** that's been added it takes weeks for several guys to put together a program of any reasonable complexity. Wait til you need a 4 year degree to run windows. This E key legislation is one big step toward creating a machine too important to be handled by unauthorized, non professionally trained personnel. Does that bring the picture into focus for ya? These free Mason technocrats bury everything in cr*p so deep they take the fun out of programming. [& money out of the pockets of those not privy to the undocumented code that seems to make every thing work.]
Does that put it more in focus for you? This legislation lies to casting a chill over a major area of productive power in the hands of the people of the World.
Ok You Free Mason cupcakes want to play stupid? Perhaps this explains things in greater particularity for you. How's Adolph?
Since Geo. Washington, the officers of the Armed Forces have all been Free Masons, which may be why their Russian Brothers had our troop movements before our men did. VA doctors have found either chemical or biological justification for Desert Storm Syndrome. Perhaps our officers are punishing our men for what they did under orders. Done with a MICROWAVE LASER.
I don't know as much about PGP encryption as I should, and would want to, but. My PGP passphrase is hellishly long. It's about forty characters. With spaces, capitalization, and several marks of punctuation. Brute-forcing it would take an awfully long time, I'd think.
The point was maybe that a combination of these could make it more difficult to crack. With more layers of encryption, you wouldn't know if you've actually partially decrypted the signature successfully or not, or would you? I'm awfully behind on this topic I'm afraid.
- Steeltoe
http://www.debunkingskeptics.com/
Handwriting experts maintain that signatures are unique, and they may be. The problem is that signatures can be forged.
Actual fingerprints would not be a bad idea, nor would face, ear lobe, or retina scans, preferably with a combination of two or more of the above, in addition to a password.
1) Create a key in PGP or GPG.
2) Put the public key on a floppy and take it down to the Post office.
3) Show them your passport or your drivers license and Social Security card and give them the floppy and $5.
4) They put it on their LDAP keyserver, accessible at ldap.usps.gov.
5) Anyone wanting to authenticate your identity would check there.
You could offer some really neat features in a system like this, such as the possibility of creating arbitrarily anonymous keys for use in handle based fora or Hotmail accounts. If your key is compromised, you'd just go to the Post Office and issue a cancel certificate. Ideally there'd be limitations of liability similar to what you get with credit cards if you issue a cancel certificate in a timely fashion after discovering your keys have been potentially compromised. Especially since most computers on the net are insecure.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Interesting too that one organization now has control over the most lucrative domain names and the most well used authentication service. Perhaps the making for another monopoly.
*** Proven iconoclast, aspiring epicurean ***
As sad as it is, many people will start to store passphrases on their computer. We are talking about the general public here.
How many programs will 'integrate' the ability to 'sign' a document with the push of a button?
If someone else sits at your computer, the software won't know.
I suspect some clever person will find a way to email someone an email that signs itself, then replies to the sender, without the signer knowing.
The ways to abuse this are staggering.
The Kruger Dunning explains most post on
Actually I would use my thumbprint as a 'passphrase'. I wouldn't want to use that kind of verification for credit cards or ATMs though.
"give me your wallet" "ok" snick "now give me your thumb..."
The Kruger Dunning explains most post on
Any good promising candidates around?
Pardon my ignorance, but how in the world would you prevent people from creating illegal smart cards to forge digital signatures? Seems to me that this solution just creates new avenues of digital fraud.
John
Attention all planets of the Solar Federation! We have assumed control! - Neil Peart
I'm sure that this was not the point of your post, but unless the actual algorithm is broken (which means discovering the true nature of primes, or at the very least a solution to factoring numbers easily, which is closely related) there is no real danger here.
If the computers are that fast, then they will also be fast enough to compute larger keys at a usable speed.
-Tommy
"I got a half gallon of Jack, and 2 dozen Ant Traps. I'm about to get wild." -me
How do we keep ourselves safe in a time when anyone with a pen can forge our handwritten signatures? The answer is, all signatures are insecure and legally contestable, and the process is a real bitch if you've ever been through it.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
> Hey, we still consider encryption "munitions."
That's so stupid! I know there is also lots of bullshit in french cryptography laws, but I believe it was recently fixed. Not sure, however. But I've no time now to search documentation about this.
> I wonder if it's legal for a US e-signature to be used in a non-US country?
I'm afraid it depends mainly on your congressmen.
Slightly off-topic, but I want this to be voted.
sigmentation fault
Ask for the verification.
Even if a luser was stupid to sign an "opt-out decision", that alone couldn't verify the so-called "original" request for the spam. I'd be more worried if the spammer asked instead for the luser's private key... and the luser actually handed it to them!
Use Evolution instead of Outlook? Bewa
Good point... many times it's not the algorithm that's the problem, it's how people go about the exchanging of keys, storing the keys, etc, that compromise a system.
Humorless sig goes here.
Keep in mind that, even with current 'legally binding' signatures, you can potentially always go to court and say "I didn't sign that".
Because of this, important contracts require a witness (who could also potentially say "I didn't see him sign that, and someone forged my name too!"), and really important contracts need to be signed and notarized by something like a Notary Public, a Commissioner of Oaths, or even a judge.
When I say "require" I don't mean "legally necessary" but "expected" and/or "required" by the other entity involved in the contract to do business with you. IANAL (and working on lay Canadians' idea of the law (but this is all pretty basic, and based on English Common Law anyway)) but since there is always the "I didn't do it" escape, important contracts will always require a third party.
What, since Microsoft won't move to Canada, Congress is?
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
I haven't read the bill yet (finals coming up and all), but one of the problems I see here is what is the trusted database/mechanism for authenticating a digital signature.
A government database? I'm out.
A private corp? I'm out.
RSA as a digital signature? Only secure for a subset of messages (see IEEE press's Contemp Cryptography(?) for that attack).
If you're responsible for your own digital sig, how do you change it if/when a practical attack comes out for your algorithm/protocol?
Just a thought. Please kick my ass if I'm wrong.
"One man can change the world with a bullet in the right place."
- Mick Travis, "If..."
You would be one of the exceptions.
Plus when 'convenience' addons begin appearing, and they will, anytime a system is unattended, someone could enter that computer's owner into a legally binding contract.
Imagine the exploits for that?
The Kruger Dunning explains most post on
finally I can sign contracts online. Getting out of my chair to go mail something has always been the bane of my existence. Oh wait, I guess this means that I'll have to actually "sign" for those purchases, huh?
Jaeger
http://334.se2600.org
http://jump.to/jaeger
In an interview on CNN or MSNBC last night about online stalkers there were two major points made. First is never give out any information about yourself. Second was that all packets should be signed with your social security number of all things. Don't these seem mutually exclusive to anyone else?
On a side note, social security numbers are not required to be a US citizen, in fact as long as you don't work for the government and don't keep money in any institution regulated or associated with the FDIC there is no need. On a side note the same goes for paying taxes. If this regulation goes through then in essence what is said by requiring a social security number for internet access is that it is a privilege and not a right for a citizen to possess. Scary thought to think that we may not have a right to communicate. Just some things to think about.
Boy, it's always such a treat when the government decides to regulate something else! Where would we be without regulations... more free and less paranoid? naaaah.
------
www.chowda.net
------
YouTube & Google Video -> podcast http://castcluster.blogspot.com/
> Nobody has 'root' on my system.
Wrong. Everybody has root on your system, in fact you have no way to prevent people from having root on your system. If a Linux application gives a local user unrestricted access to the computer, it's a horrible security bug that causes frantic warning emails to fill inboxes and newsgroups worldwide. If a Windows application manages to restrict a local user's access to the computer, it's a technological marvel built on a shaky foundation.
> That is because I don't run a time-sharing system,
Unless you're really using DOS, this is untrue. BeOS and Windows9x are both multitasking systems, and Windows at least provides better mechanisms than Linux for allowing malicious processes to *hide* themselves from the user.
> where the whole system is structured so that multiple users can wait poised to do things I don't approve of.
What, you've never heard of Back Orifice, NetBus, BO2K, or even the trojan "movie file" that's been bouncing around the net this morning?
> My single-user operating system (BeOS, Windows 9x, DOS, whatever OS you choose to hate, Slashdotters) doesn't have a root account.
Yes it does. Root is the *only* account it has.
> The only way to get that power on it is to sit down at it.
Or to get you to run a trojan Word document, VBscript, or executable (like millions of people have, for multiple different trojans), or to get you to run a malicious ActiveX applet, or to exploit a buffer overflow in any of a number of old versions of IE, NetMeeting, various FTP daemons...
> You're not going to be allowed to do that, by the way.
Oh, you've never let anyone else sit down at your computer? You've never even left your computer alone while you weren't in the room? You're not a common case, you realize that?
Besides, who needs to sit down at your computer? I just need to burn my trojan backdoor to a CD-R and stick it in your drive, if you're one of the 99% of users who hasn't disabled autorun.
Or hell, I just need to sell you some nice closed source software or give you some shareware with a proprietary internet protocol, and upload whatever I want in the data stream. How many different companies wrote software that's installed on your computer? Do you realize that every one of those companies have "root" access? Do you trust all of them?
this is why where possible (e.g. G?PGP etc) it is better to use passphrases, mine are all at least 4 words +, with numbers and non \w chars, easier to remember as well.
and yeah i know, most people aren't going to do this . . .
means you are going to have to be damn sure about anyone you let near your pc as well (repair persons/tech support/consultants etc), it's a fairly trivial matter to put in a keyboard logger and they might just be doing this job for a couple of weeks and then off to a nice mansion in the country. right now the greatest protection you have is that most of the stuff on your (private) pc just isn't worth the hassle.
and a higher level of security on the majority os will be essential, take for e.g. the trojan mentioned on a previous thread, now it just sends your ip and dun details, maybe the next version will just stay quiet for a day or 2 waiting for some real juice.
do we really need this? it makes things more convenient, but how convenient do we want life anyway, just imagine in the future when your most important decision is choosing baby's new chair, with inbuilt massage to prevent muscle atrophy and drip lines for food and caffeine.
~ppppppppö
This is one of those areas of the law where all we need is a standard to agree upon, and it doesn't matter too much what exactly that standard is. It's no more oppressive than having governments regulate what gauge the railroads use.
"If one is really a superior person, the fact is likely to leak out without too much assistance" -- John Andrew Holmes
You're kidding of course. The knapsack problem has a long history of cracks. Look it up.
Keep up the good work, guys...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Actually even fingerprints can be forged. There are an awful lot of issues here that need to be raised. What if some company starts using your electronic signature for purposes other than what you originally sent it in for? What protections exist? What recourse for fraud? Will this lead to a Federal Department of Signatures? Is this a federal or a state issue? Gee, we have enough issues to keep us busy for the next 50 years. Just because France and Italy have legalized it doesn't mean that the USA should jump off that cliff.
Wovon man nicht sprechen kann, darueber muss man schweigen. Ludwig Wittgenstein
Your child turns on the computer to do a
book report & winds up with a toyota &
a date with a $1000 hooker.
The moral of this story is don't
type your homework on a cash register.
Accursed Scum
You can be played like a puppet by
stimulating your internal organs with
the effects of a MICROWAVE LASER
Don't give them any ideas... No, seriously, that's probably one of the best ideas for a way to stop piracy - to have to e-sign the EULA in order for the software to work. (I know, I know, it'll be cracked soon enough...)
"I'm not even supposed to BE here today!"
I'm sure there will be many posts here about the dangers of digital signatures, and forger, and loss of privacy, etc... most of them both valid and rational. But be sure to consider the plus side as well.
Whenever you purchase something online: a cd, a book, software, etc.. you are entering into a contract with the person/company selling you that item. If you purchase an item in a store, you must either provide cash or credit card with a signature. This adds validity to these contracts which protects both the merchants and the consumer in the case of fraud/bad merchandise/insert other *bad thing* here.
This also enables more sophisticated business to transpire online as well. Opening up stock trading accounts. Purchasing real estate. Leasing cars. All things that require specific contracts, and which involve mail delays if the persons involved are not physically close to each other.
Yes forgery and privacy issues will be found here, but Guess what? Cases of forgery and violation of privacy occur with written contracts too.
I think this a necessary thing, which like all other things, must be used carefully and with both eyes open.
Of course I use Microsoft. Setting up a stable unix network is no challenge
The way PGP gets around this is that your PRIVATE key is actually encrypted, with the password that you supply. Your Private Key is decrypted, used to sign your message, and then the decrypted key is purged from memory. You see, the average password that people try does NOT have anywhere near 4096 (or even 1024) bits of entropy
So, even if they GET your private key, they still have to crack THAT - now if you picked a GOOD password, that'll be HARD
a REAL good password might be something like
ad;i^#klh354oh534)(*&^vefg!@!168TR$%
but that's kinda hard to remember
a BAD password would be "Clinton"
and OK Password might be
This,## Is a\\ someWhat678OK,.Passwrd
-- 73 de KG2V For the Children - RKBA! "You are what you do when it counts" - the Masso
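The mechanism the post above describes (the private key stored only in encrypted form under a passphrase-derived key, decrypted just long enough to sign, then purged from memory), as an added Go example. This is not code from the post or from PGP: it uses ed25519 and AES-GCM as stand-ins for the algorithms a PGP implementation would use, a salted, iterated SHA-256 in place of OpenPGP's iterated-and-salted S2K, and an assumed iteration count of 100,000. The passphrases and the sample document are constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// WrappedKey is the on-disk form: the signing key appears here only encrypted,
// so a stolen key file is worthless until the passphrase is also recovered.
type WrappedKey struct {
	Public      ed25519.PublicKey
	Salt, Nonce []byte
	Ciphertext  []byte // AES-GCM over the 64-byte ed25519 private key
}

// deriveKey stretches the passphrase with a salted, iterated SHA-256, a
// simplified stand-in for OpenPGP's S2K (assumed work factor of 100,000 rounds).
// The salt defeats precomputed tables; the iterations make every guess cost.
func deriveKey(passphrase string, salt []byte) []byte {
	h := sha256.Sum256(append(append([]byte{}, salt...), passphrase...))
	for i := 1; i < 100_000; i++ {
		h = sha256.Sum256(append(h[:], salt...))
	}
	return h[:]
}

func gcmFor(passphrase string, salt []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(deriveKey(passphrase, salt))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// wipe overwrites a decrypted key once it is no longer needed.
func wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// NewWrappedKey generates a keypair and seals the private half under the
// passphrase; the plaintext private key is zeroed before the function returns.
func NewWrappedKey(passphrase string) (*WrappedKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	defer wipe(priv)
	salt, nonce := make([]byte, 16), make([]byte, 12) // 12 bytes: standard GCM nonce
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	gcm, err := gcmFor(passphrase, salt)
	if err != nil {
		return nil, err
	}
	return &WrappedKey{pub, salt, nonce, gcm.Seal(nil, nonce, priv, nil)}, nil
}

// SignWith unlocks the key for a single signature and wipes the decrypted copy.
// A wrong passphrase fails GCM's authentication tag, so a garbage key is never
// used to sign anything.
func SignWith(w *WrappedKey, passphrase string, msg []byte) ([]byte, error) {
	gcm, err := gcmFor(passphrase, w.Salt)
	if err != nil {
		return nil, err
	}
	priv, err := gcm.Open(nil, w.Nonce, w.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("wrong passphrase or corrupted key file")
	}
	defer wipe(priv)
	return ed25519.Sign(ed25519.PrivateKey(priv), msg), nil
}

// Verify needs only the public half, which is safe to publish.
func Verify(w *WrappedKey, msg, sig []byte) bool {
	return ed25519.Verify(w.Public, msg, sig)
}

func main() {
	const pass = "correct horse battery staple" // constructed demo passphrase
	w, err := NewWrappedKey(pass)
	if err != nil {
		panic(err)
	}
	msg := []byte("I agree to the terms above.") // constructed sample document
	sig, err := SignWith(w, pass, msg)
	if err != nil {
		panic(err)
	}
	fmt.Println("signature verifies:", Verify(w, msg, sig))
	_, err = SignWith(w, "Clinton", msg) // the post's BAD password, here simply wrong
	fmt.Println("wrong passphrase:", err)
}
```

The point the post makes falls out of the structure: whoever copies the key file still has to run deriveKey once per passphrase guess, so the work to recover the signing key is bounded by the passphrase's entropy and the KDF cost, not by the key length. The wipe calls are best effort (Go's runtime may have copied the slice), which is why the post's caveat about caching the passphrase matters.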
Making digital signatures legally binding scares the shit out of me.
Why is that any more scary than signatures made from scraping ink across paper? Don't you know children are taught how to do that? Why, a clever person could use that ink scraping knowledge to forge a signature.
When will Windows be ready for the desktop?
How do you sign the messages with John Doe's private key without his passphrase? If J.D. was stupid to have a simple or easily guessable passphrase that's his fault, or if he were stupid to store the passphrase on the same computer as the private key.
Use Evolution instead of Outlook? Bewa
Big deal; you can do that in real life, too. Unless the US has suddenly become a police state and the entire society is based on mistrust, there is no reason for this to be 100% secure.
--Fesh
Kill -9 'em all, let root@localhost sort 'em out.
Could this inadvertently help make "click-wrap" software licenses more legally binding for software purchased over the internet? After all, with a digital signature, the click-wrap license now can be made into a signed contract.
congress needs to worry about lowering my taxes and not stupid crap like this.
I just found out (in an unrelated conversation at work) that a friend of mine hacked into my dorm computer three years ago, when I was running Win95 (I forget what release) and it had a remotely exploitable SMB service. Good thing I didn't keep anything sensitive on it at the time, huh?
I realize that it's not as simple as cut and paste, and perhaps I should have explained that.
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
A guy in my department has written about these - the basic problem is that if somebody does figure out a way to imitate your hand/signature/retinal characteristics (and, remember, they can get access to the data because the whole data has to be stored for comparison, not just a signature) you're in trouble. It's rather difficult to get a new, non-compromised retina :)
Any sufficiently advanced technology is indistinguishable from a rigged demo
--Andy Finkel (J. Klass?)
After that, it's just a matter of legislating that to provide certain services or present certain content you need a government certificate or you can't do business.
Perhaps the best way to implement this would be to use your thumb print as your private key. That way replicating your private key is virtually impossible.
Of course if you were to disfigure/lose your thumb I guess you couldn't enter any more contracts electronically.
I seem to remember that you can disable most of the *cough* security features in Windows NT by simply setting your location to France in the Date/Time control panel.
--
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
No more, no more, I believe. But I don't have more time, computer auto-disconnection in 30 seconds.
sigmentation fault
Okay, so much for the pro-anonymity
I for one, do not want any company whose purpose is profit, to have access to MY DNA. It's really that simple.
And until the effectiveness and security of the digital signature is proven, I won't be filing too many mortgages over the net.
OFFTOPIC
:P
"I'm not even supposed to BE here today!"
LOL! Clerks! I use this line at work all the time and no one gets it.
I have a question... although these may not be exactly the same thing as what we're dealing with in the post...
I know that some chain retail stores require you to sign a digital touch-screen of some sort with a stylus as a way to verify a credit-card transaction. And I believe some shipping companies (UPS, etc) also do the same thing to confirm package receipt.
Are these technically legally binding or are they only intended to suit the needs of the entity in question?
IF this is to be implemented properly, I would think it'd have to go on this methodology.. You have a public and private half of your digital signature. The public half is not just two static halves of the same key, like PGP is, but rather your signature plus the timestamp of when it was signed. That way anyone using it would have to act almost immediately to get the signature done right and keep it as valid. Using a static public key would be plain insane to prove without a certainty of a doubt that it was you and not someone who happened to see your key or hack your harddrive.
Another question.. what software would do the signatures? Would it be multiplatform, or Windows only? Would the software be even something the user would need? The very NATURE of the Web is anonymity, to change it and say that doing a transaction over an anonymous webpage now has your signature on it had better be really darn good, else any script kiddie with a few public tools could sign your soul to the devil (as it were). This goes doubly true if you're now going to be held legally bound to the contract in hand.
I, for one, want to see this implementation before I would ever consider using it. Merely stating that e-signatures are now legally binding is like saying your neighbor is now married to your wife. Unless you have a good way to prove it, I see this as a situation of the government attempting to quell fears while not grasping the whole implication and practicality of it all.
Maybe I'm thinking about this in the wrong perspective. When I think of 'e-signature', I'm thinking an electronic version of your signature, ie: something you already possess and will uniquely identify you (within a small margin of error). Are E-Signatures going to be something that most people will have, or are they going to have to register with a signature company in order to get one? I tried browsing over to the named congressional links page from this one, but didn't quite find out what the definition of this term was to be.
Even in the area of credit and charge cards, where billions of dollars are lost to fraud, companies still use completely insecure systems.
I have also had several experiences where companies have duplicated electronic records, swapped electronically stored signatures, etc. With paper, fraud is quite possible, but with electronic signatures, both fraud and programming accidents are possible.
And, should there be a dispute, the situation in court is also disadvantageous for the consumer with electronic signatures. With paper, you can always ask them to produce the record. With electronic signatures, it ends up being your security expert against theirs, and they can afford to pay a lot more for their experts.
like the bible says
there will be
no buying or selling without the mark.
so where is the churches on this ?
i consider government a religion minus prayer.
It's easy to foresee the future
you will have a unique signature (identifier)
you will sign and post your taxes with it
you will do all transaction with it
you will be tracked by it
How can they make digital signatures legally binding without describing what "digital signatures" are? Will there be any minimum standards of key length? Who sets the standards? The federal government? The states? Will we use RSA hashes? A mish-mash of different schemes?
Who issues the keys? Can we make them up ourselves with a random key generator? How do you ensure each person gets exactly one key? Who signs the keys - a web of trust, or some government agency? What happens if that key is compromised?
If the government wants us to use a certain standard, will they release source code for all to work from? I personally would not trust most companies' implementations of digital signature schemes. I would not trust software that implemented digital signatures unless it was open-source, AND thoroughly peer-reviewed. It's far too easy to create security loopholes.
And if we don't watch out, companies could use it to make us sign EULAs, or register software. I'd be wary of any kind of "automatic" signing software. I want to be there at the keyboard verifying it each time with a pass phrase or some such. And I need to be sure that what I'm signing is actually what the computer tells me I'm signing - it would be easy for some software to pull the bait-and-switch.
These issues need to be worked out before the law can be put into effect.
- It's all over if a cracker takes my private key! Well, would he/she not still need a passphrase? Just make sure passwords are not cached (this, I admit, is the weak link). Also, you can issue revocation certificates; even if someone else knows the passphrase and has your key, they cannot revoke a revocation certificate.
- Then the government/corporation/slashdot-satan-for-today will know who I am! Yes, just like with your handwritten signature on any official document, esp. those requiring notarization.
- My encrypted stuff can be cracked! This takes an immense amount of computer power, and most people are simply not that important. How would you encrypt things at all without computer cryptography? You could be like Richard Feynman, and create codes with your spouse to send encrypted hand-written love letters, but I personally don't have the time or mischievous inclination for that.
- When I get a signed email from some beautiful celebrity who wants to go out with me, how do I know it's her? That's why all public keys that matter are themselves signed by authentication services, like VeriSign. For personal keys, use these services or maybe the notaries at your local banks will catch on to another money-making opportunity.
Any disagreements? Am I missing any critical factors?
*** Proven iconoclast, aspiring epicurean ***
Is this the same bill that had other gems "expediting" business transactions over the net, e.g., allowing companies to send e-mail in lieu of paper mail, even certified mail, without requiring any type of proof of delivery to the recipient?
:-)
The risks of that should be obvious. I already get enough crap from companies insisting that they gave me plenty of notification of rate changes/fee changes/etc in the 5-point print on the bottom of a statement bundled with "valuable information" on return address labels, travel clubs, $10 'CD' players!, and similar junk. Now they can just eliminate even that step and just mail it to me at "friend@public.com" and it's totally my fault that the message is dropped as spam by either my ISP or myself. *sheesh*
I must remember. No email is ever misdirected. No email is ever lost. All mail I received should be carefully reviewed, in its entirety, for important information. I must always run attached Office and VBS documents - it might contain a self-extracting signed document concerning some critical financial issue such as my long distance charges (which average less than $20/month). And in a totally unprovoked dig, MS Exchange only has problems because of all of those unconfigurable sendmail servers.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
Hmm. How long before the new "Digital Contract" virus hits corporate mail servers around the globe and the world is faced with contract disputes from this?
If you do what you always did, you get what you always got.
I know that pen & ink signatures can be forged, but a digital sig would (at least now) be FAR TOO easy to copy. They're going to make this easy for the morons with their first computers (Presario) to use. What does that mean? It'll have to be less secure. People would rather it be easy than secure.
So let's say that someone intercepts a digital signature on a Non-Disclosure Agreement or somesuch and then types up an agreement saying that they've already given you $X in cash and in exchange you agree to give up your house and then tacks that intercepted sig onto the bottom. You'd actually have to spend money on a lawyer to keep your house.
Until we have universal standards for STRONG crypto, I think that this is a BAD idea.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
How well can YOU draw your signature with a mouse?
Yes, we will have legally binding digital signatures, produced by software with EULAs (made enforceable by UCITA) that disclaim all liability for their security holes and prohibit their competitors and third parties from the very sort of peer review that is considered essential in cryptography.
The net will not be what we demand, but what we make it. Build it well.
IANAL but I work for them. We constantly have docs that people have to sign off on. Everyone involved knows exactly who the other person is, and by the time the agreement or whatever is finished, they all know that then someone has to print it and then it starts the "fedex chain" where it has to be mailed from one person to the next to get their signatures. Usually it's just a signature page they return to us anyway, and if we were unethical could change the document and then attach their sig page. Instead, if this law goes through, the doc never has to be printed. It just gets e-mailed to the people that need to sign it, if someone wants to forge something like that, it will take a hell of a lot of leg work on their part. Not that it's not possible. We already do this to a certain extent with Adobe Acrobat pages - they aren't legally binding but we have a pretty good idea that they are legit.
How can we expect a programmer (who also cannot read it) to write a program which is supposed to interpret it?
... electronic signature you say...?
...but what will the notary public's do?
What...?
...zero's and one's...?
...ohhhhh. I get it. yeah I like it.
I want to sign the first legally binding Last will and testament online.
regards.
"If voting could really change things, it would be illegal. " - Revolution Books, NY
Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.
:)
*I* would not consider *any* box, regardless of operating system, platform, etc., to be 100% secure. The main issue with security, aside from the fact that -any- security system can be cracked, has to do with the loose nut behind the mouse. Sorry, but when a security system relies on human intervention, well, humans just aren't very secure.
Yes, a written signature requires human intervention, but it is certainly less vulnerable than password-based security. With digital signatures, anyone who can physically access your private key, which usually means anyone who can get into your box (i.e., type your login and password in somewhere), can get to your digital signature. At least with written signatures, your actual human presence is required (excluding of course forgeries which are another matter entirely; that's why for certain legal documents we require them to be notarized or otherwise certified by a third party).
My journal has hot
2 reasons why it doesn't scare the shit out of me...
1. Here in the UK we have had binding 'digital signatures' for a while - a faxed signature (digitally transmitted, remember) is legally equivalent to an original signed document here.
2. Surely forging a digital signature carries the same penalties as forging a written one - so we are gaining, not losing security here (as all those anti-forging laws will now apply).
- Andy R.
sig... Y2K, only 47.5 years left to fix those bugs!
A pizza of radius z and thickness a has a volume of pi z z a
Consider the current alternative: a scribble on a piece of paper? Yeah, that's secure.
Hopefully they will make this concept legal while not requiring a specific implementation - that way folks who care to can keep the implementation up to date. I trust folks like Visa, etc, to stay on top of this. It is in their best interest (by a long shot) to make this kind of thing work well.
I'd expect that if digital signatures become recognized, more contracts will start requiring witnesses -- the importance threshold for notarization will drop. The notary public business could really boom.
. . . these electronic signature laws are wildly overhyped.
There is a vast amount of authority (citations available upon request) strongly suggesting that legal formalities for a signed writing (the so-called statute of frauds) are satisfied by an electronic communication annotated or logically associated with a character or characters manifesting an intent to authenticate (legally, not technically).
In other words, the e-mail:
"Dear bill.
I will buy 1000 Model K frobozinators at $600 per frobozinator to be delivered FOB Tampa no later than Thursday. Terms: 2% 10/net 30.
Love, Maria"
would very likely be enforceable under the common law and the UCC -- even if no encryption or other technical encryption was used. Requirements for signature under the common law are amazingly lax. An X, a fold or tear made in the paper, another's name, a shaving on a cow or even a footprint can constitute a signature.
The reason for an e-commerce statute is to make any question clear beyond cavil, so as to clear the way for lawyers to permit BIG deals to be done without a signed writing. Imagine a few dozen lawyers at a $100M closing. The boss for the buyer smiles and signs "Minnie Mouse," or an "X," citing the case law suggesting that the signature is binding. Maybe so, you would say if you represented the other side, but you would nevertheless ask a literate counterpart on the other side to sign the document "properly."
It's about eggs in baskets. The law should get out of the way of the technology used for signatures, and ratify any actual manifestation of an intent to sign. (Electronic documents raise interesting proof issues, but so do traditional physical documents.) The risk of misauthentication and the like is a different question to be decided by those who would USE the signature technology, not by those who enforce the agreements into which the parties otherwise clearly entered.
Gee, and I thought my credit card number was binding enough... Will this mean the e-biz on the other end will finally have to live up to their end of the contract? Or will it only punish the end luser???
FREE THE CODE, OR DONT CODE AT ALL
Can anyone think of a scenario where a virus signs lots of documents?
Check out the language in Article 9 of the 1999 revision of the Uniform Commercial Code, which will go into effect in most states in 2001. It already recognizes digital signatures as valid, using the word "authenticated" instead of "signed."
I registered for my trademark online with the USPTO. Instead of actually signing the document, the form prompts you to type your name in a text field 'affirming that all the previously entered information is true, etc.' If that's not a digital signature, I don't know what is. How can they do this if it is not legally binding?
-sigs of the world unite
--
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
...around the world here
You should trust my PGP signatures
more than a handwritten one.
You can get away with fake inked signatures with
very little information. Faking a PGP signature..
-bugg
It's an issue of speed, and ease. It runs a little like the 'Why copy music?' argument.
A real forger has to take significant effort to produce a work that is not easily dismissed. Additionally, the real forger has a significant time investment.
A script kiddy has no significant effort or time investment to produce the same work.
Think about banks. If I wish to close my account, walking away with a $10K cashier's check, the process laboriously checks identification, the signature, and whether it makes sense. Shit, I have the odd problem with my bank calling me because a check I endorsed for deposit while riding in a moving vehicle doesn't seem to match. When the electronic bank provides the same service based on my new DigiSig 2.0, some script kiddy walks away with my savings account.
.sig: Now legally binding!
Of course, if someone has root on your system, then they can simply install a keystroke logger and watch you type your passphrase, and no matter if it's "ei!6k1n91jk;#" or "password," it's just as compromised. Moral: the security of PGP and similar programs is only as good as the security of the device that uses the private key.
Key points, loosely translated:
Public-key cryptographic digital signature has now become the main tool, using current technology, of assuring the integrity and the source of electronic documents, therefore replacing the handwritten signature in traditional documents.
bla bla bla
Therefore exchanging public and private electronic documents with the same value as their corresponding paper documents is now a reality.
The document goes on to list that certificate holders must be registered and readily consultable, administered by a central authority.
Pretty cool for a country where it's still legal to abuse a woman as long as she's your wife.
This is partially also the motivation of biometrics. If some of your personal features are incorporated into your passphrase, it should be even harder to fake your digital signature.
When you think about it, this has a nice circularity in that pen-and-ink signatures are pure biometrics.
Of course, serious implementation problems remain for biometrics, in that you want to be able to sign something even though you just had an accident and lost a finger, or had root canal surgery and can't speak normally.
Why?
Simply because the operating system has to boot up. The software to boot the operating system up has to check whether the operating system has been patched, possibly whilst the OS was down.
It can't do that if it too has been patched...
About the only system that can't be patched is actual, bonafide hardware.
The only part of the system that HAS to be secure is the security system itself.
Incidentally the problem about where you store your keys is easy. You store them in a file! They can be secured with a passphrase. Once unlocked they need to be put in the security system in non volatile ram...
Bios and motherboard support is required. Even then the game is up if someone has physical access to your machine and replaces the motherboard... ;-)
-WolfWithoutAClause
"Gravity is only a theory, not a fact!"
Read the references - you need to opt into getting the electronic form. And I'd bet that you will find that a signed ereceipt will be needed to prove that you received the notification.
This is already voted in France. This time, it's yankees who are late...
sigmentation fault
"This is NOT spam! One of our subsidiaries which you have done business with received your legally binding signature...to withdraw from our mailing list, merely click the link below, where you will receive instructions to verify your decision to opt-out by providing your (wait for it)..."
Someone please tell me that they are doing this the Right Way: An electronic signature is only legally binding if the software used to encrypt/validate it is "reasonably secure" (i.e. no Microsoft products).
I'd really hate to get in a situation where Microsoft Signature 1.0 (known to the rest of us as "a simple text entry box") is the norm with online merchants.
--
Wanna hook MAPI clients to your Tru64/AIX/Linux server?
Linux MAPI Server!
http://www.openone.com/software/MailOne/
(Exchange Migration HOWTO coming soon)
So maybe the software vendors will make us sign their EULAs and send them back. Then the licences might have much more chance of standing up in court. (IANAL).
11.0010010000111111011010101000100010000101101000
Heh. Good point.
Still, all NSA would have to do is to make an offer that these people simply can't refuse... ;-)
How do they expect to keep this secure? I could write an internal Microsoft memo and sign it as Bill Gates...
when I find myself you'll be the first to know.
It's much easier to send a request to have your car registered through the internet directly to the Registry (guess which New England state I live in :-) than it is to go and stand in line for an hour to pass them a single sheet of paper and then leave.
This could also mean you would now have to "digitally sign" the license agreements for all those computer programs. This could have a down side.
You are in a maze of twisty little relative jumps, all alike.
Secure digital signatures have been legally binding in Italy since 1997. Here is some info (in Italian):
Making digital signatures legally binding scares the shit out of me.
Let's face it -- 99% of the populace, whether they use Windows (and I'm sure Microsoft will be so kind as to provide a VBScript hook for signing documents or at least publishing private keys, so that virus writers will have a new source of fun), or whether they use Linux (how many desktop-role Linux boxen do you know of that you would consider 100% secure?) is operating insecurely. And that insecurity is going to spell trouble if digital signatures are legally binding, because it opens up a whole new class of forgeries.
Let's pretend, for a moment, that most programmers are good at implementing cryptography and would never, ever write a program that allowed a key to be compromised by its use. (Hell, I don't trust any programs I write with my private keys.) Even if you've got good cryptography software, where you store your keys is probably going to be compromisable by an enterprising cracker.
Before anyone even considers making digital signatures legally binding, how about requiring this binding to only take effect if the document was signed by an approved smart card? Make it a parameter of the signature, and make it illegal to write software or create unapproved smart cards that set that parameter.
You are confusing legal issues here. The concern (legally) over EULAs does not relate to lack of a signature. Some remedial business law:
You do *NOT* as a matter of course require a signature to enter into a contract. Period. If I offer to sell my rabbit to you for $50 bucks, and you say yes, we have an enforceable contract under the law of 49 states (I am not sure about Louisiana law, but who is?).
A signature is only required, generally, when a specific provision of law or common law (known as the statute of frauds) requires it. The most typical scenarios are:
(1) transfer of rights in land; and
(2) transfer of goods in excess of $500.
(Which is why software licenses often expressly provide that they do not involve the SALE of software).
There are a few additional scenarios relevant to copyright license rights -- exclusive licenses or transfer of copyrights itself (as opposed to copies of a work or the sale of a license in the work).
Accordingly, the vast majority of EULAs do not require signatures. (Although this is an argument frequently raised against them by lay audiences). An e-signature provision would not raise new legal issues.
The issue with EULAs is the dual arguments that: (1) I never agreed to the EULA; (2) I only agreed to the EULA after I had already paid for and received my copy of the work, hence there is no consideration for the EULA; and (3) Under the UCC, the timing of the post-sale writing, which materially changes the agreement, violates Section 2-207 (battle of the forms) and is therefore unenforceable.
As a matter of course, by the way, these arguments have failed. The only Circuit Court opinion directly on point is ProCD, which held that the agreements are enforceable at the end of the day. Other appellate opinions held certain provisions unenforceable under other rules of law, but not on the ground that no contract existed.
Finally, note that "digital signature" under the new law does not require any form of encryption or authentication. A simple typed "Love, Mom" will suffice.
If I sign something with a GPG/PGP/S-MIME/X509/... key stored on my harddrive, I know that there are 100 ways to steal this key (and 100 ways to snoop my passphrase...) so I would say this is *very* insecure and anyone (with enough time and money) surely would be able to sign anything he wants using these methods.
But even if we assume that I own a chipcard with embedded unbreakable public key encryption which hides my key from everyone (including myself, so I (or someone stealing my card) cannot store this key on some external media)... How can I be sure that I'm really signing this contract in exactly the same form I am looking at on the screen right now?
The Chaos Computer Club has demonstrated[1] how you can use someone's chipcard-reader over the net. Banks using chipcards for electronic banking are too miserly to use terminals which include some form of display (which might say: You are now signing a transfer of $1234...) for feedback right from the card.
But I'm sure, when signing a contract of well... let's say 20 pages of text, only some form of checksum will actually be transferred to the smartcard...
Will the display then read: "You are signing a document whose md5-sum is 68b329da9893e34099c7d8ad5cb9c940?"...
On the other hand, anyone can read my credit-card-number if he happens to find a copy of a receipt in some store's trash, so electronic signatures surely will improve the security of these transactions...
[1] http://www.heise.de/newsticker/result.xhtml?url=/newsticker/data/nl-03.05.00-001/default.shtml&words=Chipkarte
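As an added illustration of the point in that post (constructed for this thread, not code from any poster or product), here is a toy Python model in which the card only ever receives a digest, so a compromised PC between user and card can have a different document signed, and the one user-side defence is comparing a digest the card displays against the digest of the document on screen. The 64-bit primes and textbook RSA are toy choices to keep the code readable, not a secure scheme.

```python
"""Toy model: a signing card sees only a digest, never the document.

Added example for this discussion, not from any poster or product.
Textbook RSA with 64-bit primes keeps the code short; it is NOT secure.
"""
import hashlib

E = 65537  # the usual RSA public exponent

# First twelve primes as Miller-Rabin bases: the test is deterministic for
# n < 3.3e24, which comfortably covers the 64-bit primes generated below.
_BASES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]


def is_prime(n: int) -> bool:
    """Miller-Rabin primality test with fixed bases (exact in our range)."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def next_prime(n: int) -> int:
    """Smallest odd prime >= n (n is forced odd first)."""
    n |= 1
    while not is_prime(n):
        n += 2
    return n


def sha256_hex(document: bytes) -> str:
    return hashlib.sha256(document).hexdigest()


class ToyCard:
    """Stands in for a smartcard: keeps the private key, sees only digests."""

    def __init__(self) -> None:
        # Fixed starting points keep the demo deterministic (toy 128-bit modulus).
        p = next_prime(2**63 + 2**20)
        q = next_prime(2**64 + 2**21)
        while ((p - 1) * (q - 1)) % E == 0:  # keep E invertible mod phi(n)
            q = next_prime(q + 2)
        self.n = p * q
        self._d = pow(E, -1, (p - 1) * (q - 1))  # private exponent never leaves

    def public_key(self) -> tuple[int, int]:
        return (self.n, E)

    def display(self, digest_hex: str) -> str:
        """What a card *with* a display could show before it signs."""
        return f"You are signing a document whose SHA-256 is {digest_hex}"

    def sign_digest(self, digest_hex: str) -> int:
        # The card receives only the digest (reduced mod n; toy, no padding).
        m = int(digest_hex, 16) % self.n
        return pow(m, self._d, self.n)


def verify(pub: tuple[int, int], document: bytes, sig: int) -> bool:
    """Anyone holding the public key can check a signature over a document."""
    n, e = pub
    return pow(sig, e, n) == int(sha256_hex(document), 16) % n


def host_sign(card: ToyCard, document_sent: bytes) -> tuple[str, int]:
    """Models the PC between user and card: an honest host hashes the document
    it showed the user, a compromised host hashes whatever it likes."""
    digest = sha256_hex(document_sent)
    return digest, card.sign_digest(digest)


def wysiwys_check(document_shown: bytes, displayed_digest: str) -> bool:
    """User-side defence ("what you see is what you sign"): the digest shown by
    the card must equal the digest of the document on the user's own screen."""
    return sha256_hex(document_shown) == displayed_digest


if __name__ == "__main__":
    card = ToyCard()
    shown = b"Transfer 12.34 EUR to account A."      # what the user reads on screen
    swapped = b"Transfer 1234.00 EUR to account B."  # what a compromised host submits
    digest, sig = host_sign(card, swapped)
    print(card.display(digest))
    print("valid over the swapped text:", verify(card.public_key(), swapped, sig))
    print("digest comparison catches it:", wysiwys_check(shown, digest))
```

Without a display on the card there is nothing for `wysiwys_check` to compare against, which is the gap the post describes.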
This combination scares the crap out of me. Now all those shrinkwrap licenses will have even more binding power than the UCITA offers. Now your "accept" button that you click without even thinking about it, signs your soul away in a perfectly legal fashion. Frightening....
#include"disclaimer.h"
The problem of forging or stealing digital signatures is of primary importance and concern (at least it was back when I was working for a state court system). I don't think encrypted digital signatures are the way to go at all. I see government, in particular, using some sort of biometrics system to verify signatures (captured via pressure sensitive electronic pen and pad), voice, face, fingerprints, or iris and retinal scan.
Here's some more general information for whomever is interested:
www.finger-scan.com
www.facial-scan.com
www.retina-scan.com
www.hand-scan.com
www.voice-scan.com
www.signature-scan.com
- tokengeekgrrl
"The spirit of resistance to government is so valuable on certain occasions
"The transactions taking place [on ebay] are legally binding."
Ummm...no, they aren't. They are "ebay binding", but they aren't legally binding.
Strictly speaking, many types of contracts don't need *any* signature to be legally binding. Unless one is required by the Statute of Frauds, all a court needs is proof that both/all parties agreed on mutually beneficial acts and that at least one party did an overt act in compliance with that understanding.
:-)
In other words - a verbal contract.
*So*, in many cases if two parties exchanged digital signatures in the expectation that they were binding then they were, in fact, binding. If the contract was covered by the Statute of Frauds and they exchanged traditional documents stating that digital signatures would be considered binding for the purposes of the SoF, then these signatures would be binding. If they tried to use only digital signatures for something covered by the SoF, they were never binding.
Even in the case where one party exchanged digital signatures with the expectation that they would not be binding, if the other party/ies thought they were doing a good-faith negotiation then these signatures would probably be declared binding for the purposes of a criminal complaint for fraud.
The only thing this bill really does is 1) state that digital signatures are acceptable under the SoF, so you can buy real estate and the like with them, and 2) deny shady characters the chance to try claiming that the digital signature "wasn't really valid" in hopes that the other party will give up and walk away from a legitimate claim.
For every complex problem there is an answer that is clear, simple, and wrong. -- H L Mencken
I fear that I now can see bad things stemming from this. Suppose that the government and businesses are now allowed to electronically notify you of such things as invalid licenses, etc. Suppose you do not get this notification? "Sorry sir/madam, but our records show that you were notified..." Bad things. I think I still want any and all notifications in hard copy. I do not trust bureaucracy to be that nice as to give second notice on anything important.
Ciao
nahtanoj
moral: you better have a trustworthy admin
So what? I can now give assent to a contract over the net. But how we can keep others from 'forging' our signature on these new binding declarations is another issue entirely, and is the one we should be asking ourselves.
How can we keep ourselves safe in a time where all but the beefiest encryption schemes are crackable on commodity machines and any determined script kiddy can clone a magstripe?
.sig: Now legally binding!
With "conventional" signatures, experts can determine if a signature was forged two ways: Either the signature is an *exact* copy of another signature (something that a person cannot do accidentally), or there are small subtle differences in writing style.
As for digital signatures, there is no way to show they have been forged. Every signature is exactly the same! Yes, I do understand that the crypto keys used would be so big, it'd be impossible (read: improbable) to figure out what the private key is. The simple way to get around having to crack the keys is just going to the client and copying the keys straight. Now the forger has an exact copy of the keys needed to make digital signatures for John Doe.
So, to make the whole digital signature thingie viable, computer security (the actual computer, not the network) has to increase. That would mean getting rid of PCs, as there is not a single PC in the world that can be secure (crack open the box and wipe the BIOS to get around boot-up passwords, etc).
"Evil will always triumph over good, because good is dumb." - Dark Helmet (Spaceballs)
Please digitally sign here in order to install the software that you have already opened and can no longer return. Oh, this means you have already read the 50 pages of draconian fine print with your lawyer present.
Craig
This is indeed progress, but we've seen how when high ranking officials don't understand the technology they're dealing with, things can get out of control (i.e. PATENT LAW). It would be nice if some 3rd parties came up with some fairly good ideas on exactly how the implementation should work (authentication, etc.) so that this doesn't become another huge disaster that the federal government can easily make of such technology.
-f
"I say to let the market handle these things."
If only we could. But note the word "legally" in "legally binding". If you and I have a contract signed with non-legally binding signatures, and one of us backs out the other one has no recourse.
From what we can see in some southern countries (or am I under the influence of my "european leftist propaganda"?), with creationism taught as a theory as scientifically valid as Darwin's evolution, I would have posted this joke differently: "I work for the gov't and I confirm we have plans to make bible reading obligatory each day in all federal states. We have been working very hard to hide the truth from people (that the Earth is not 6000 years old) and now we need to act on the next phase of our plan".
I can sense flames coming...
sigmentation fault
Of course, this is not to say that traditional signatures are that secure. Those are even easier to fake, if you think about it.
So what gives? Are we saying that both signatures are equally valid? One is more valid than the other? Whatever the case, we should recognize that the authenticity of the two is different, and treat them with differing degrees of authenticity. Exactly how, I don't know. I would like to hear from the experts though, on how we should handle our digital signatures.
Is the current infrastructure (i.e. none) on the net adequate? Do we need escrow services?
I am an InfoSec professional IRL, but this is not professional advice.
:)
==========
Ref: point 2, "Remember when 128 bit keys was way too big to be factored? I do, and I'm all of 28 years old."
128 bit keys were never considered too large to be factored. Various people were positing RSA-129 as being secure back in the '70s, but that was 129 *decimal digits*, not *binary digits*. (I may be off on the exact 129 figure--it was about that, though.)
To brute-force a 128-bit number requires you to check every prime through 2^64. This is not very difficult. Using an intelligent factorization algorithm will make factoring a 128-bit number trivial.
To give a rough comparison, 2^20 is approximately equal to 10^6. 2^20 raised to the sixth power is 2^120, add on another factor of 2^8 (which is approximately 10^2)... you're looking at 10^6 raised to the sixth (10^36) with another factor of 10^2, for a grand total of 10^38.
Factoring a 38-digit number is not very hard. Factoring a few *hundred* digit number is nontrivial.
Well done! Do it! Doron.
Yes, it is possible that the NSA can decode most or all encryption schemes in common use today. It is, however, extremely unlikely. The advances in mathematics that seem to be needed for this are WAY too big to be all thought of in one institution. And I think that many of the mathematicians capable of such breakthroughs probably don't give a shit about national security, etc.; they probably care more about the beauty of mathematics than anything else. There are probably not too many people capable of such breakthroughs, and why the hell would they all be working for the NSA?
Anyone else catch the ascii in that binary:
"sign-with-a-0101011101010101010101000010 dept."
"sign-with-a-WUT dept."
The space is what is left of the last binary stream.... ok, back to having a life
If I was capable of breakthroughs like what would be necessary, I would much rather have a chance at a Fields Medal than any salary offered by the NSA. If you are that smart, you know it.
When you listen to PKI companies give their shtick about how wonderful PKI is and how it will save the universe, apply some simple common sense.
1. Who holds your private key (besides you)? - If you use the VeriSign solution for digital certs (the one where they manage the CA for you), in addition to your users having their keys, so does VeriSign. If you roll your own, your users have their private keys, and probably also the administrator who gen'd it for them (for when the user accidentally deletes their keys). How will users store their private keys? On their hard drives? Poor security, easily obtained by a ruthless 3rd party. Floppy? Unreliable medium, more susceptible to theft. Smart Card? Susceptible to theft.
2. Remember when 128 bit keys were way too big to be factored? I do, and I'm all of 28 years old. Even with using 1024 bit keys, it's only a matter of a couple of years before many keys are useless. For the uninitiated, I've got your public key, and can find the prime factorization for a number that is your public key and your private key (for all intents and purposes, it's a bit more involved, but not THAT much more). If I compromise your private key in this way, you have no knowledge that I've done so (unless I'm a big moron about doing it), and I can freely digitally sign documents as if I were you. The signatures will even validate properly. Fun, huh? Maybe I'll buy some stuff over the net with your keys, and have it drop-shipped to a Mailboxes, etc. or some other such place.
3. Complexity of the system - I don't know about everyone else, but my mother barely grasps the concepts behind sending email and pulling up a web page. How's she ever going to understand the how and why it's not only safe, but legally binding to use PKI technologies to enter into agreements?
--
The unsig!
I would submit that the people in THIS forum should RIGHT NOW begin to discuss the ways that this legislation should be formed and implemented, and then we should GET INVOLVED NOW by communicating with our respective elected officials. Predicting that this legislation will wind up as an unworkable mishmash is truly a self-fulfilling prophecy if WE just sit around and bitch about the glacial pace of legal change and the overall stupidity of our lawmakers. One of the reasons that it takes a while to create these regs involves the legislators desire to produce good laws, and the lengths they go to inform themselves on the issues (they really do desire that, for the most part...but, as with any organization there are some members that just don't give a damn or, worse, are actively evil, and that is the reputation that is remembered quickest). Unless your reps are among the bad ones, they really will listen to what YOU have to say, especially if lots of US are saying the same thing.
I drink to make other people more interesting
Glad to read at least one post on this stupid Slashdot website that has some common sense. The whole planet operates on CONTRACTS, people. You work until Friday and the company gives you a paycheck. If they don't give you a paycheck, the cops come and make them give you a paycheck. Otherwise the company would just find a new sucker every Monday. Duh. Apparently most of Slashdot either has never heard of CONTRACTS, or thinks humanity is advanced enough to work without contracts.
What I don't even see mentioned in the article is the verification process used to ensure that the keyholder really is the person they claim to be.
Anyone can create a key claiming to be someone else - the only way you know that the key really does represent the person it claims to be representing is if: a) the person gave you their public key in person, or b) there is an authority that "signs" the key, confirming that it is in fact from that person.
Now, this is really no different than the way things are today - anyone can sign a check as "Bill Gates," and this is why Notaries exist. Are we going to extend the Notary system to have them sign public keys as well?
All operating systems suck. Some just suck less than others. (and some are virtual black holes)
Is that feasible? Technically? Legally?
Want to work at Transmeta? MicronPC? Hedgefund.net? AT&T?
Can your IM do this?
I'm really looking forward to when this finally comes about. Damn them for putting March 1, 2001 in there though. We all know it's not gonna happen then, it just can't happen BEFORE then. It'll probably be 6 months after that at least. This keeps popping up in conversations with friends, and all my non-tech savvy friends are really concerned about security, until I remind them of how much credit card fraud there is already. The new system would inherently have to be more secure than that, otherwise it wouldn't get passed.
How easy is it to forge a signature? Sign a credit card receipt, endorse a check, fax a copy of a signed document... matching handwriting is only for proving that it wasn't really you signing the document these days; it's for long after the fact. E-signatures are probably just as easy to forge (maybe they would be harder, as a matter of fact, because an encrypted code is verified at both ends, and not easily made up by Joe Microsoft whereas a name... well, you just check the spelling and assume that the handwriting is right.)
The difference is that it's harder to prove that you didn't electronically sign a document than it is to prove that you didn't physically sign a document.