Slashdot Mirror
Digitally Notarized Documents in Brazil
Remote writes: "As of next year, Brazilians will be able to obtain notary-authenticated digital documents and have them sent over the Internet (English) . You can also obtain a CD or floppy from a notary office, containing your document encrypted with an assymetric key. The key generation, though, demands that one shows up in person at the notary office for ID verification. This was made possible by legislation that recognises public-key encrypted documents and signatures as legally valid. This is one first step, and I don't see why this wouldn't be applied to things like contracts, invoices, wills, etc. Brazilian Notary and Register Association claims that one can even print as many copies of, say, your driver license as desired, though I don't see how this part would work..."
With all these laws being passed left and right towards internet and computer related technologys, i cannot work out which bloody country is the most technology and freedom with technology friendly of them all. Germany used to be my favorite, but with the recent DNS mess, i really dont know Anyone have any comments on this?
Microsoft IIS is to webserving as KFC is to healthy eating
Turkey!
But first Digital Brazilian !
I think I ate too much food... I'm going to hurl....
Anyone got any Alka Seltzer...?
URRRRRRRP.
..actually, on a second thought, who gives a fuck ?
You are being slashdottized, stop caring about bullshit !!
discussing this technology almost 5 years ago.
unfortunatly we have here in brasil some of the best cracker in the world. sooner or later one of them will find a way to crack the digatal signatures.
The bad point is that the press don't know the diffence between "crackers" and "hackers", so as soon as the first digitaly signed forgery shows up, the brasilian press will start mudslinging hackers as the culprits.
it's about time we start a PR campaign to teach the public and the press about the diference.
What ? Me, worry ?
I don't know, but as a brazilian, I'm quite worried about this. One thing is to digitally sign digital documents, but to sign digitally sign real documents and allow anyone to print them as authentic copies! This opens a large space to fraud! If I'm able to print a document, why couldn't I change it before I print it, for instance? And what would make this document that I printed in my computer a really authenticated copy? I sense a lot of frauds coming...
Ricardo da Silva Lima
Music files?
And your point is??
I mean, whatever yoou call them, if someone breaks the law, he/she will have to deal with it.
I doubt police will blast into your house because you once wrote an email saying that you are an hacker.
Nobody outside slashdot really gives a damn about the difference about hacker and cracker. Just stop calling yourself hacker and you won't have to feel half as concerned.
Why do people have to go around telling that they are hackers, geeks, nerds anyway?
Stupid vanity, get busy with your code instead!!
This is really nothing new. we already use digitally signed and encrypted EDIFACT messages (Invoices) where a notary is used to give out the keys. The messages are then send over internet (unreliable ) but much cheaper then X-400 (now over 5.000 euro per month)
*wanks*
*spooges on their feet*
THE OFFICIAL TACO-SNOTTING FAQ
By The WIPO Troll, $Revision: 1.10 $
What is "Taco-snotting?"
Good Lord. And what is a "Circle-snot"?
Ewwwww. Why have I been receiving emails from CmdrTaco asking me if he can Taco-snot me?
I can't stop receiving these emails from CmdrTaco!?
Have you ever been Taco-Snotted?
That's horrible. Does "Taco-snotting" have anything to do with CmdrTaco's "special taco"?
Does Jon Katz get involved in any of this? I thought he was a paedophile, not a homosexual.
What's that screaming I hear coming from your basement?
No, thanks. I'm already CmdrTaco's boi toi.
________________________________________
READER COMMENTS
by Anonymous Coward on 2001.11.21 4:49 (#2594325)
oh yeah, you say you have masturbated only 2 times to this post. well, by the time it takes for me to get through reading it, i usually end up masturbated 5 to 6 times, 10 to 12 if i have the goatse.cx homepage loaded up and am looking at it side by side with the slashdot page. my keyboard, hands, mouse, monitor, the underside of my desk and around the floor under my desk are cum soaked and sticky with the man smell i know and love.
by Anonymous Coward on 2001.11.21 4:41 (#2594311)
for version 2 you should make a total re-write of the cod...errr...text and add some details about cmdrtaco and the homo-gang's happenings with their coworkers (osdn?) and all of the gay revelry they enjoy and promote. by the way, did i just see cmdrtaco on television promoting the nax hair removal system? i guess after using vaseline in and around his ass he grew quite a ponytail and it had to be removed somehow...ouch!
by TRoLLaXoR on 2001.11.21 3:59 (#2594191)
WIPO, do you notice how few comments you get for anything you write/post/spam nowadays?
-Trollaxor
by sales_worldwide on 2001.11.20 11:53 (#2588488)
You forgot to mention Jon Katz's "docking" games, where he places his chopper head to head with another chap, and rolls the other guys foreskin over his own circumcised end ("docking"), providing him with fantasies of actually having his own forskin
"Making linux GPL was the best thing I ever did" - Torvalds. I'd hate to see the worst thing...
by Fucky the troll on 2001.11.20 11:28 (#2588446)
Woah! When did the WIPO troll get freed? And how the fuck did I miss it?
Excellent FP, sir.
This is a sig virus. Please put me in your sig
by Anonymous Coward on 2001.11.20 11:04 (#2588407)
omg that is crapflooding material if i ever saw it!!!!!! and u got a first post!!!! whoot to the wipo troll!!!
by Anonymous Coward on 2001.11.19 9:03 (#2583756)
GW...you know we love every hair on your 27 acre ass... and I, for one, would never do anything untowards your graceful demeanor. And you probably have several friends that would love to help you do the bear dance all over my face if I so much as spelled your name wrong. And you know I'd defend your Constitutional right to defame God in heaven. I'd even help fund your education, should you ever decide to take that route. Hell, I'd buy you a tall tepid bear-whiz beer if you were here with me, right now!
But.
Now go stick your shaved head back down inside the woman's toilet, and just to show there's no hard feelings, I'll jump in the tow-truck and drive right over to help you pull it right out...ok?
thanks
by mark knopfler 69 on 2001.11.19 8:25 (#2583695)
I DO NOT BELIEVE YOU SIR. FOR ONE THING, THE E-MAIL FROM CMDRTACO DOES NOT HAVE ENOUGH GRAMMATICAL AND SPELLING MISTAKES. Let's be realistic here, CmdrTaco usually types with one hand, and since he is shaking from jacking off his aim on the keyboard isn't too good. Those e-mails were a little too well written. Sorry boy, you'll have to do better.
by WeatherTroll on 2001.11.19 8:14 (#2583667)
You should update this to say VA Software instead of VA Linux.
by smackmonkey on 2001.11.19 7:06 (#2583510)
Crackhead moderators: this is +5, Hilarious material.
--
CNN declares War on Islam!
Left-wing America declares War on its Civil Liberties!
by Anonymous Coward on 2001.11.19 5:40 (#2583336)
This was funny the first 100 times. Now it is getting boring!
by egg troll on 2001.11.18 22:27 (#2582054)
Having masturbated *twice* to this post, I'm still incredibly aroused! Come over for a Taco Snot. I'll be wearing my crotchless Clifford the Big Red Dog outfit!!
For more info check out this
by Anonymous Coward on 2001.11.18 12:03 (#2580822)
add more links to goatse and to cowboineal's site to make it better. a link to rotten.com would be nice too
by Anonymous Coward on 2001.11.18 12:18 (#2580832)
and a link to michael's site and to jon katz's site if he has one and homo's site. i dont know what else to say. maybe a few links to phallic.org they have nice penis pictures! a link to the planet quake site or whatever. really make the reader feel this faq really answers their questions. oh yeah, and when you talk about cmdrtaco snotting you, say he brought you to "orgasm after sweaty orgasm". describe it more is all i'm saying. and use more italics and bolding! and when you talk about jon katz shitting or whatever have a link to fecal japan on rotten.com
other wise a great job wipo troll! keep up the good work!
by Wil Wheaton on 2001.11.18 6:41 (#2580438)
Hi. Let's be buddies.. butt buddies.
--
WIL WHEATON DOT NET
by dead_puppy on 2001.11.18 5:33 (#2580342)
Here is an e-mail I received a week ago:
From: malda@slashdot.org
To: puppy_dead@hotmail.com
Subject: were where you last friday?
I thought we where supposed to meet at Backdoor's at 8-ish, sugar-lips? You could've at least told me that you could'nt make it! I was even in my favorite pink skirt for you, honey-cup... next time, you could be more considarite and tell me you cant come... bastard.
--
CmdrTaco (malda@slashdot.org)
You finding Ling-Ling's head?
by Big_Ass_Spork on 2001.11.18 4:53 (#2580300)
I do it wrong
Laying here in the shadows of my room, I squint up at my love. My Ms. Portman. I am sore and tired after fucking her for eight solid hours. My chapped and aching dick is soaking in grits to relieve the pain. She gets on her knees and starts lapping the grits up out of the bowl. She places her beautiful hands on my penis and starts to lick the grits off my achy piece.
Massaging my nutsack she....
WAIT, I DO IT WRONG!!!!
Yanking my dick out of her mouth I throw her to the ground and shove it in to her gaping freshly fisted ass. [goatse.cx]
"OH BIG ASS SPORK!! Fuck my ass, fuck my ass good. DEEPER, my stallion, deeper!! Make a Beowulf cluster of sperm on my back!!"
"Imagine a Beowulf cluster of this baby!"
I DO IT WRONG!!!!
---
All your Sporks are belong to Big_Ass_Spork! What you say?! All your Sporks are belo... forget it...
by j0nkatz on 2001.11.17 22:54 (#2579596)
I just heard some sad news on the radio -- famous queerbait Rob Malda was found dead in his Holland home this morning. The details were a bit hazy, but it seems that he drowned in jizz while Taco Snotting his friend Hemos. I'm sure everyone in the
I wanna Open Source sex so it won't be worth a shit either.
by Anonymous Coward on 2001.11.15 6:38 (#2567601)
No no no, the correct term for that is "donkey-punch". I have eye-witnessed this amazing eye-popping event demonstrated on unsuspecting hose-monsters by my frat brothers in the past.. .
by AbsoluteRelativity on 2001.11.15 5:31 (#2567457)
The WIPO Troll
Slashdot and the Karma Lottery - News for uber monkeys, by uber monkeys.
by Anonymous Coward on 2001.11.13 9:27 (#2557632)
Oh, man that's just sick !
by Anonymous Coward on 2001.11.13 9:03 (#2557604)
TELL ME WHERE I CAN GET AN ANONYMOUS proxy please WIPO Troll. Maybe later i will join you in a snotting at my place.
by vikool on 2001.11.13 7:43 (#2557495)
what is this bull shit,i feel offened that some people feel so so senseless to post stuff like these esp when such a tragic incident has occured
by I.T.R.A.R.K. on 2001.11.11 22:38 (#2551890)
Where the fuck do I sign up?!
- I throw rocks at retarded kids
"Adequacy.org: Where congenital stupidity is not an option, but a requirement."
by Anonymous Coward on 2001.11.11 21:53 (#2551753)
this shit is hilarious..keep up the good work.
by rockwood on 2001.11.11 21:49 (#2551746)
OMG! That is the most disgusting thing I have ever heard! WHo in their right mind would sit down and waste the time to construct such a replusive story. I guess I'll be skipping lunch and dinner today.. and possibly tomorrow also. The game doesn't affect reality. Reality affects the game.
by Anonymous Coward on 2001.11.11 14:43 (#2550701)
dude, this is crap-flood material if i ever saw it.
duuuuuuuuudddddddddddddeeeeeeeee.
by Anonymous Coward on 2001.11.11 8:16 (#2550266)
horny_rob_6969@hotmail.com
Ah, so that's what the alt.binaries.pictures.erotica.horny-rob newsgroup is about!
by egg troll on 2001.11.11 5:34 (#2550024)
+5, Arousing
For more info check out this
by Anonymous Coward on 2001.11.11 4:39 (#2549891)
WINNER>
by Anonymous Coward on 2001.11.11 4:37 (#2549887)
I love you. Why do you use your bitchslapped account, rather than signing up for a new account to post at +1 before getting bitchslapped by the censors here? I guess I should speak for myself, but I don't want to log out and lose all my slashdot customization properties, nor do I want to lose my 50 karma yet.
by Anonymous Coward on 2001.11.09 9:19 (#2542412)
you fucking rock! right down to the expanded cvs id!
WIPO trolls > linux
________________________________________
J. Wipo Troll, Esq.
Crapflooder Associates
Slashdot.org
Highly...
The reason stuff like this would work on stuff like official documents but not on stuff like music is because if one country imposed legislation on it, there would always be another country without it. And since filesharing expands beyond patrial (is that a word?) borders, all the music that supposedly gets encrypted would just be worked around by another country. It works on official documents because... well, there's no real public demand for online official documents because they don't exist yet. And since the media and the demand for the media isn't already in place, it's not uncontrollable.
Also, people are going to spend hour upon hour of playing with music files trying to crack the encryption because, well, people are more than happy to redistribute the music they own, as opposed to say their driver's license, which I don't think they really want to hand out to some guy on the street.
At least, that's how I see it.
Karma: Non-Heinous
My boyfriend had been going on at me for a long time about wanting anal sex with me. Initially I was quite shocked, but perhaps not surprised as he had gone to a well known public school, and I knew what they got up to!
I started to look up websites and read articles about anal sex on the Internet, and I was surprised how interesting I found the subject - I was even intrigued that the Americans call the women 'back door girls'.
One evening, after a few too many glasses of wine, I said that I would agree to it, on the condition that if it hurt or I did not like it he would stop immediately. My boyfriend is very considerate and he fully agreed to my demands. I said that I would have a bath, and see him in the bedroom.
I made sure that I carefully scrubbed my bottom in readiness, and with some trepidation walked into the bedroom. My boyfriend did nothing to hide his erection and he said that he was getting really excited at the prospect of taking me from the rear. He gave me a long and passionate kiss, his tongue probing deep into my mouth. He then cupped my breasts and started to lick and suck my nipples, which made them stand out like stalks. I could feel the moisture starting to flow from my pussy. He then got me to kneel on the carpet with my bottom sticking straight up at him. I am rather proud of my bottom, and he praised its plump roundness.
His tongue started to lick up and down my crack, I could feel his saliva dribbling down over my gaping pussy lips. My hand went to seek out my clit, and I rubbed it hard. Then he eased his cock to my puckered little hole, and ever so gently pushed it in. I let out a gasp, and tried to relax my muscles he slid further inside me. It was an incredible sensation, feeling his stiff cock gliding in and out of my bottom as my finger masturbated my clit.
Soon he cried out that he was going to cum, and my hand was in a frenzy rubbing my swollen bud, as I too felt my orgasm start. He groaned as with a final thrust up my bottom he spurted his delicious hot cream deep inside me. That was enough to send me over the top and I came with a violent shuddering spasm.
As a thank you to me, he gave my juicy pussy a good licking, and I had another lovely orgasm. I am now a fully paid up 'back door girl'!
Alternatively, the document could be signed by both parties, but that kinda reduces the value of an individuals signature key, imho. In any case, a shared symmetric encryption key seems to me to be much like a notary stamp.
Disclaimer: the above may be a load of bunk. The site is slashdotted right now.
Digital Documents will be a big step in Brazil administration. In a near future this could be possible voting from home, through internet.
In a short ranged time period, we won't need any more travel to other cities to sell houses, or anything else that needs assign any kind of paper. You can do it from home!
I guess all brazilians thanks our governments efforts to come that true, because if you past all your entire life dealing with dozens of documents Brazil uses a lot of differents documents independently, as ID and Driver's license.
This action can too improve sells through Internet, because government supports security to the citizen.
This law can push the present situation to a step further in simplifying all transactions and accelerating selling/buying through Internet even of houses.
...has fewer holes.
Brazil has historically been the country of choice for international criminals due to their exportation laws. If you can make it to Brazilian soil, it's like crossing home plate. SAFE!
Don't believe me? Just ask Ronnie Biggs who after helping commit The Great Train Robbery in England, fled to and lived out his life in Brazi.
When international criminals need plastic surgery to change their appearance, more often than not it is performed by Brazilian doctors.
And the latest entry into Brazil's loooong list of indiscretions is the existence of large terrorist populations operating on their soil. Perhaps it isn't their fault the terrorists setup shop there, but they're still there.
Slashdot had an article about Brazil a couple months ago explaining about how their government was planning to break the patent on an AIDS drug because they couldn't agree with the manufacturer on a price.
And before you pipe up and say, "B..b..but the U.S. did the same thing with Cipro!" let me remind you that the patent on Cipro is nearly expired and we only threatened to hasten the bargaining game; not to actually do it. It was in very poor taste, but in the end, we paid for the medicine. Brazil won't.
So now Brazil is offering 'secure' documents, eh? HA! There are so many ways to exploit this it's sick.
Even in the U.S. you can be Joe Anyone and be certified as a notary. So if you want to falsify a will or business agreement, all you have to do is bribe one of your friends that is a notary and make the desired changes.
Or, you could even do it the right way and simply create a person. You can buy identities cheaply in Brazil. Make a false person, make that false person a notary, and have them change documents at will. Then, they simply disappear.
Total bullshit. Brazil creating and implementing a security scheme is like Ethiopia setting up culinary schools.
Knunov
Why do users with IDs under 100,000 or over 700,000 usually have the most worthwhile comments?
Everyone interested in this subject should read Bruce Schneier's piece on the subject: Why Digital Signatures Aren't Signatures. The gist of his article is that although cryptography came verify that a document can from a given computer, it cannot verify that it came from a given person, or even that that person intended to sign that document. "The mathematics of cryptography, no matter how strong," he writes, "cannot bridge the gap between me and my computer."
Do domain names matter?
The slashdot spin on this seems to be that it's a good thing.
How is this a good thing? Sure it may make being able to notarize things more convenient. And having it recognized as 'official' may be beneficial for many people. Especially businesses and other types of organizations who often need something to be canonized before they can embrace it.
What does this really mean though? If my key is compromised and someone uses it to 'sign' a contract, does that mean I'm bound by it?
Or will duress-like provisions apply?
brian is at entropy dot net
Well, if you have an image containing a bar code that is a digital signature of the data (name,date of birth,expiry date etc) on the licence, made by the government's secret key, anyone with a barcode scanner and a palmtop that can run PGP or something can validate the document. All you need is the government's public key.
I think that would be a very elegant way to save money, while making the production of false documents more difficult.
Is it dificult to contract AIDS? Now you're getting stupid. A beautiful day, a beautiful girl, nice family etc, she is so serious bla bla bla you are seeing her for 3 months now, you get laid, and the condom blows. But hey, no problem, she's nice, she's not a whore, she couldn't probably have aids, no big deal... till 6 months later when u do your blood test and it hits positive for HIV. And again, as a sidenote, Brazil has the best anti-AIDS propaganda in the whole fscking world. Everyone uses the damn condoms.
:)
There is no risk group when you're talking about AIDS. By the way, how the hell do you think that all ppl who have AIDS were contaminated in the first place? Maybe you're not getting laid too much heheheh
Rio de Janeiro's dwellers are stupid. No, really.
maybe by trying to give some pleasure to a Nerd like you are ?
.02 :)
+ If you make bllod test every 6 month, maybe YOU are the one that doesn't get laid often enough...
Well, just my
We all do relalize, that if the security of the notary is compromised, it is easy to generate digital signatures. What makes it worse, is if the key is secretly compromised (i.e. downloaded)
-
ping -f 255.255.255.255 # if only
someone please mod this down to offtopic.
Internet based services are way behind where they should be. Something as basic as timestamping is still having trouble getting of the ground after several years. Think of all the things that you should be able to accomplish, simply (although not necessarily freely) but just can't yet.
Brazilians will be able to digitalize any certified document and can make as many copies they want
Brazilian citizens, starting next year, will be able to get in a notary's office a floppy disk, or a CD-ROM, containing driver and identity cards, birth certificate and property deeds, guaranteed to be authentic, secure and legal. With the disk the citizen will be able to print as many electronic copies as many times as wanted, in the house, the office, or to send them over the Internet, respecting legal restrictions.
This is one of the simplifications that will be at the disposal of the Brazilian citizens in the contract that the Association of the Notaries and Registers of Brazil (ANOREG-BR) signs today, Monday, at 3:00, with the SERPRO (Federal Job of Data Processing), SGAN-Document 601-Section V, here in Brasilia (the Capital). To make a long story short, digital certificates could be distributed so that the notaries and registers will allow the electronic sending of any document, that will have the same attributes as the normal document. The trial version will have initial implantation in 10 notary's offices in Rio De Janeiro.
The information is from the president of Association of the Notaries and Registrations of Brazil (ANOREG-BR), clarifying that such modernization now is possible after the passing of the Provisional remedy that instituted Infrastructure of Brazilian Public Keys (ICP-Brazil), giving to legal validity digital documents and signatures.
According to the contract, it legalizes, the ANOREG-BR as the Authority Certifier of the notaries and Registers (notary's offices). SERPRO will initialize the creation of the digital certificates, giving the encrypted electronic form of documents, through a combination of numbers, letters and symbols, a guarantee (haha) that the source will be secure and bad guys cant crack into it.
For the creation of the Digital Certificate, the bearer generates two encrypted keys (a public and private one). The private key, used to sign documents digitally, will remain exclusively under control of the bearer of the certificate. The public key and the identification of the bearer define the content of the Digital Certificate. This, in turn, digitally is signed by the Authority Certifier, with process of identification for the bearer of the key will ALWAYS be made in notary's office.
Still according to Léa Portugal, the Digital Certificates sent by the ANOREG-BR will contain extensions that aim at to extend the degree of security and the reliability of the procedure practiced for the notary jobs and of the register. These extensions will allow, among other things, the users of the procedure to verify if the bearer of the certificate possess delegation of the public power to guarantee the act in question.
Innumerable advantages
With the implanted system, Luiz explains Gustavo Leão Ribeiro, president of the ANOREG-DF, a real estate deal will be able to be received from the notary's offices, through the Internet, and all at one time, all the necessary certificates to the finish the deal, with the documents that proves the inexistence of restrictions to the property, such as mortgage, non-availability, distrainment etc. will be available. In the same way, a bank that negotiates a loan with a customer will prove, electronically, the validity and the availability to guarantee the loan.
Says Luiz Gustavo: the advantage of the contract with the SERPRO is that the agency uses the "digital language" of the government and that the digital documents generated by the notary jobs and registrars will enjoy of the same level of acceptance that the normal documents generated for the public management (the paper kind). Securitywise, it definitively guarantees that any attempt to alter the text or signature of the digital certificates will invalidate the document. Moreover, the SERPRO will always guarantee, to the notary acts and of public registers, the same technology, security and reliability supplied the diverse organizations of the public management, from the Presidency of the Republic.
The private keys, clarified the president of the ANOREG-DF, remains exclusively under control of the bearer of the certificate, and its security can be magnified with the use of intelligent cards (smart cards), that still can be improved with diverse biological-related readers (fingerprint, voice, retina etc.).
For more information:
Assessorship of the Press of the ANOREG-BR - Luis Joca (Texto and Cia - Consultant in Communication: (61) 322.1675/1408 and 9983.3589)
Assessorship Technique - Arnaldo Viegas de Lima: (21) 9874,4997
Dra. Léa Portugal, president of the ANOREG-BR: (61) 9984-5554
Dr. Luiz Gustavo Leão Ribeiro: (61) 9985.2396
Is anyone doing online notarization in the U.S. anyone know? Is it even possible under any U.S state's current law?
I've been thinking it'd be nice if webmasters had a way to notarize information and then point to that notarization (on the notary's website, for credibility). This would a way to backup certain claims in a way easy for people to verify. Good idea?
"Be thankful you are not my student. You would not get a high grade for such a design
Do be careful when you see the word "notary" in reference to a foreign country. I guess for the purposes of what you said up there and what the article is about, you can sorta use it in the same way.
49 states are "common law" states. A notary public in these states doesn't do anything else except notarize (certify) documents (that the person is whom they claim to be and that they sign the document intentionally and not under duress...etc.)
Brazil, most foreign countries, and Lousiana are "civil law" jurisdictions. Notaries in those places do a lot more than just certify documents. They are actually lawyers who have quite a lot of interesting powers and duties. For instance, a Lousiana notary is involved in the buying/selling of a home (in the other 49 states, we use "title agencies.)
My point is, in the 49 states, notaries don't really do all that much...whereas notaries in civil law countries are quite a part of everday life--so there may not be all that much of a reason for notaries to go online here--but notarial services in civil law countries is quite a convenience.
If you are only trying to make it possible for one person to digitally sign documents with their own key, it can be much simpler than all that. Just write a module for a PDA that generates the key internally and can sign documents on it, and wave lots of warning signs at the user when they do something that would copy their private key off the PDA. If you never run the PDA software on anything you don't read first (or put any untrusted software on it), how can you screw up? Obviously you need a PDA where the data transfer can be adminstered from the PDA side, not the random-untrusted-PC side, but the software work for this seems like a lot less than custom-tailoring and auditing an entire linux kernel. You could even physically mangle the communication link so that it works in one direction only, and when you sign something, manually transcribe the result, which should be a reasonably short hex string. Or only sign hashes of documents (which is typical anyway) and also input the hash by hand, but then you have to trust the computer generating the hash, since you don't get to inspect the plaintext on the PDA as you sign it.
What are you concerned about Tempest radiation for, anyway? Maybe the system bus would leak information about the private key, but the _monitor_? All it should be doing is displaying the contract, and the contract doesn't need to be secret... indeed, it will not remain so if there is ever a dispute about the signers.
Java: the COBOL of the new millenium.
Schneier actually suggests using a handheld in the article.
At least that means this solution is obvious. Generate your keypair on your PDA, and then secure it physically.
Java: the COBOL of the new millenium.
This is a national PKI, guys. They are not just playing around. The Federal government will run a root CA, regional CAs and RAs will be established, and every citizen will have the right to use the system. Everyone will be able to get a key pair.
There are clear rules in Brazil which distinguish the applicability of an authenticated copy and an original document. You can get a physical, authenticated copy of your driver's license and use it for a zillion things, but you must drive with your original driver's license. The digital copies will be just as good as authenticated copies.
I have not had access to the actual documents that explain the notarization system, but I am quite sure that you will need to notorize (get a timestamp and a signature from a digital notary) each printed copy of the documents.
The BIG issue here is whether we want the Federal Governmente to operate the Root CA. Among other powers, it will hold a backup copy of each private key in the national system.
On the other hand, there is no point in discussing this, since the Federal Government has established the national PKI already. The rules are set, and they are reasonable.
What really worries me is that the government and media have made no effort to explain any of this to the people of this very poor and ignorant country.
He said assymetric. Heh heh.
Digital Signatures as a direct replacement for pen signatures is really a bad idea. Basically, what an X.509 certificate says is "On [date] a public key [hash] was held by [individual or orgnaization] and I have absolutely no idea what hardware, software and security procedues [individual or organization] uses to protect it. Signed by [issuer]".
Digital Notarization is a much better idea. It's the equivalent of a notarization seal, not a pen signature. Digital Notaries are required to employ certain security measures or else they could lose their license and have their certificates revoked. A Notarized Digital Signature says "On [date], I have verified the identity of [individual or authorized representative of organization] and obtained their informed consent of the content of the following document [hash]. If necessary, I will testify to this fact in court. Signed [notary]".
Stop worrying about the risks of nuclear power and start worrying about the risks of not using nuclear power.
Ronald Biggs wasn't sent back to GB because he is married to a brazilian woman AND has a brazilian son. This situation is protected under brazilian law.
If any foreign criminal is jailed in Brazil, it will be extractided to any country with a extratition treaty.
Please, do your homework first, then post the FACTS.