When *not* to sign an e-mail message? - PGP

This is a discussion on When *not* to sign an e-mail message? - PGP ; Anne & Lynn Wheeler writes: > there are all sort of short-comings if you believe that digital > signatures translate straight-forward to the same as human signatures. Well, they do, legally. They reduce to exactly the same thing in court: ...

+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 21 to 40 of 51

Thread: When *not* to sign an e-mail message?

  1. Re: When *not* to sign an e-mail message?

    Anne & Lynn Wheeler writes:

    > there are all sort of short-comings if you believe that digital
    > signatures translate straight-forward to the same as human signatures.


    Well, they do, legally. They reduce to exactly the same thing in
    court: one party says "he agreed to this," and the other party says
    "no, I didn't."

    The actual method of authentication is often irrelevant, since the
    forgery is often out-of-band. Thus, the handwritten signature may
    pass the authentication test, but the forger simply manages this by
    carefully copying an authentic signature. And the digital signature
    may be impossible to forge without a key, but the forger manages by
    simply stealing the key.

    --
    Transpose mxsmanic and gmail to reach me by e-mail.

  2. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote:

    > Andrew Swallow writes:
    >
    >
    >>It is equivalent to a company using a rubber stamp to sign cheques.
    >>Where there are a thousand people on the pay roll it is quite common for
    >>the clerks to be given such rubber stamps. It saves the boss a lot of
    >>writing.

    >
    >
    > In practice, it's a check-signing machine, but your point still
    > applies; indeed, with a check-signing machine, it resembles digital
    > signatures even more.


    Thank you. Yes signing using rubber stamps is a little Victorian.

    Andrew Swallow

  3. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:f51p02penrokmervke8r34suuhdbn0ffac@4ax.com:

    >> No, in any western system of law, the person relying on the signature
    >> (usually the recipient or beneficiary) must prove its validity (e.g.,
    >> a bank relying on my signature on a cheque must validate it against
    >> its sample signature). If it is contested and goes to court it is
    >> the bank's burden (to use my example) to satisfy the court that the
    >> signatures match.

    >
    > Which is trivially easy to do, if the bank did indeed look at the
    > signatures--it is sufficient to show the two signatures in court.



    No, it is highly inlikely that that would be sufficient for any serious
    matter. In all likelihood there would be expert witnesses (including
    specialists in handwriting, forensics, counterfeiting, ink, paper, and on
    and on) from the bank and a number of other parties involved.


    > Yes, you do. If the signature matches the model the bank used for
    > validation, you have to find a way to prove that it's not your
    > signature, even though it looks the same.



    See above. It is inconceivable that the standard in any sensible court
    regarding a handwriting aspect that rises above the trivial or incidental
    would be your dismissive "looks the same."


    >> With electronic signatures I have taken on additional burdens that do
    >> not apply with traditional signatures. For instance, I now carry a
    >> burden not to be negligent in my keeping the keys safe. And, if the
    >> signature is disputed, it would fall on *me* to show that they had
    >> somehow leaked or been compromised (e.g., I might have to show
    >> Verisign has a corrupt employee). I have taken on (or rather had
    >> imposed on me) additional responsibility and the need for a wider net
    >> of trust - things I don't have to do the old-fashioned way.



    > Still, it is trivially easy to forge a handwritten signature, whereas
    > it is not feasible to forge a digital signature.



    It is actually rather difficult to forge a handwritten signature so that
    it will pass detailed forensic examination rather than a mere quick,
    casual visual inspection. It is not by accident that signatures have
    been relied on for many hundreds of years for matters great and small.

    Moreover it can be easy to forge a digital signature. True, one method,
    brute forcing the key, is currently computationally infeasible, but that
    hardly exhausts the possibilities. There are any number of methods of
    stealing the key, compromising the security (e.g., having the signer
    foolishly sign a document presented to him), electronically switching
    which document is presented and which is actually signed, and on and on.

    Regards,



  4. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:sc1p02t78q6ead4e166k0f5ut7fn83l417@4ax.com:


    >> No reversal, just harder to lie.

    >
    > Exactly. And the consequences are more severe if one is careless.



    I don't want to adopt a signing system that imposes a severe duty of care
    regarding keys. As I pointed out before, that is equivalent to having to
    guard a chequebook in which I have already signed every blank cheque.

    If you were to propose to someone that he should manage his chequebook that
    way he'd laugh in your face. It would be seen as not just imprudent but as
    utterly reckless. And yet that is what you equivalently would impose on me
    to support your digital signing system.

    No, I'd much rather have a system where the only requirement was for a
    single constructive act on my part - a handwritten signature - with no
    onerous additional obligations before or after.

    Regards,






  5. Re: When *not* to sign an e-mail message?

    nemo_outis writes:

    > I don't want to adopt a signing system that imposes a severe duty of care
    > regarding keys.


    You prefer a signing system that makes forgery so easy that it's
    essentially dependent on the honor system?

    > No, I'd much rather have a system where the only requirement was for a
    > single constructive act on my part - a handwritten signature - with no
    > onerous additional obligations before or after.


    And anyone can write that handwritten signature--you need not even be
    present.

    --
    Transpose mxsmanic and gmail to reach me by e-mail.

  6. Re: When *not* to sign an e-mail message?

    nemo_outis writes:

    > No, it is highly inlikely that that would be sufficient for any serious
    > matter. In all likelihood there would be expert witnesses (including
    > specialists in handwriting, forensics, counterfeiting, ink, paper, and on
    > and on) from the bank and a number of other parties involved.


    The reality is that it's easy to forge handwritten signatures, no
    matter how much forensic effort you put into checking them. They are
    fundamentally insecure.

    > See above. It is inconceivable that the standard in any sensible court
    > regarding a handwriting aspect that rises above the trivial or incidental
    > would be your dismissive "looks the same."


    That's the whole basis of handwritten signatures. If they look the
    same, they pass.

    > It is actually rather difficult to forge a handwritten signature so that
    > it will pass detailed forensic examination rather than a mere quick,
    > casual visual inspection.


    Examples?

    > It is not by accident that signatures have
    > been relied on for many hundreds of years for matters great and small.


    It has been relied upon because there has never been anything else.

    > Moreover it can be easy to forge a digital signature. True, one method,
    > brute forcing the key, is currently computationally infeasible, but that
    > hardly exhausts the possibilities. There are any number of methods of
    > stealing the key, compromising the security (e.g., having the signer
    > foolishly sign a document presented to him), electronically switching
    > which document is presented and which is actually signed, and on and on.


    These are out-of-band compromises of the system.

    --
    Transpose mxsmanic and gmail to reach me by e-mail.

  7. Re: When *not* to sign an e-mail message?

    Andrew Swallow wrote in
    news:dui1oh$k8j$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:

    >
    > Thank you. Yes signing using rubber stamps is a little Victorian.
    >
    > Andrew Swallow



    And many Asians continue to use the chop system rather than signatures.

    But we were discussing handwritten versus digital signatures.

    Regards,




  8. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:lf1p025hgg50uap71blqfm7o2usv4fdsg2@4ax.com:

    > nemo_outis writes:
    >
    >> Handwritten and digital signatures are not equivalent - the reference
    >> to both as "signatures" is at best an analogy, at worst a deception.

    >
    > Legally, they are identical.



    No, they are not legally identical. As just one blatant difference digital
    signatures are not recognized as valid in many jurisdictions.


    >> PPS A different signature on my cheques than my contracts? ...or
    >> on my credit cards? ...or on my letters? ...or on my...? Gimme a
    >> break! I do not have a quiver of signatures, nor do most people.
    >> Why don't we talk about this universe rather than the parallel one
    >> you might prefer?

    >
    > Why don't you refrain from personal attacks in your arguments? The ad
    > hominem undermines your credibility.



    What personal attack? I asked him to speak of the universe in which we
    currently reside. You know, the universe in which virtually no one uses
    multiple handwritten signatures. It is he with his nonsense who has
    indicted himself as a fool - he needed no help from me.

    But speaking more broadly, yes, I do infer that a man who says foolish
    things is a fool. It's called proceeding on the evidence.

    However, my initial judgment is graciously open to appeals from him
    pleading he was hasty, thoughtless, or careless rather than a fool.

    Regards,


  9. Re: When *not* to sign an e-mail message?

    nemo_outis wrote:
    > "Non scrivetemi" wrote in
    > news:97a0b7459f825709f6691dc3bb94ca7e@pboxmix.wins tonsmith.info:
    >
    >> Hi,
    >>
    >> I'm wondering if there are any hypothetical situations where one would
    >> NOT want to sign an email message they are sending to another party.
    >> In my opinion, there are no valid reasons not to sign a message.
    >>
    >> Can anyone point out a situation to me where *not* signing would be
    >> advantageous (excluding off course that the message may be smaller if
    >> it's not signed)?
    >>
    >> TIA
    >>

    >
    >
    >
    > The whole question of digital signing and non-repudiation is fatally
    > flawed.
    >
    > Why? Because it reverses the burden of proof.
    >
    > With existing handwritten signatures the burden of verifying the signature
    > falls on the recipient (e.g., banks re a cheque). With digital signatures
    > the sender must prove he didn't send it (e.g., he might argue his key had
    > been stolen).
    >
    > The traditional basis of signatures is that the burden lies on the fellow
    > relying on them; digital signatures reverse 1000 years of legal and
    > commercial practice. While arguments can be advanced why such a reversal
    > might be desirable they have to overcome this "who proves" hurdle and
    > cannot rely solely on their "gee-whiz" gimcrackery as sufficient
    > justification.
    >
    > Regards,
    >


    The legal standing of digital signatures in different nations is
    documented in Dr. Simone van der Hof's "Digital Signature Law Survey" at
    .

    --

    David E. Ross


    Concerned about someone (e.g., Pres. Bush) snooping
    into your E-mail? Use PGP.
    See my

  10. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:hv5p02lm94370klqhbv8i2mv9e17tal3fv@4ax.com:


    > The reality is that it's easy to forge handwritten signatures, no
    > matter how much forensic effort you put into checking them. They are
    > fundamentally insecure.



    Well then, why don't you pen a series of letters ostensibly from George
    Washington and sell them at immense profit?


    >> It is not by accident that signatures have
    >> been relied on for many hundreds of years for matters great and
    >> small.


    > It has been relied upon because there has never been anything else.



    While every system has limitations and deficiencies, written signatures
    have worked well for a very long time, across numerous cultures and legal
    systems, for a very wide range of purposes from casual letters to multi-
    billion dollar deals and international treaties. Moreover, the practices
    and principles of a number of important institutions and social and
    economic practices have been refined to work on an integrated basis with
    such handwritten signatures.

    Despite the enthusiasm of technophiles, it remains to be shown whether
    digital signatures can attain anything like such widespread and longterm
    utility.


    >> Moreover it can be easy to forge a digital signature. True, one
    >> method, brute forcing the key, is currently computationally
    >> infeasible, but that hardly exhausts the possibilities. There are
    >> any number of methods of stealing the key, compromising the security
    >> (e.g., having the signer foolishly sign a document presented to him),
    >> electronically switching which document is presented and which is
    >> actually signed, and on and on.

    >
    > These are out-of-band compromises of the system.



    I don't give a fig about the modality of compromise (except as the most
    incidental of trivia). I care about whether and to what degree digital
    signature systems are susceptible to any form of compromise, what
    mitigative measures are necessary to prevent such compromise, on whom the
    burdens (technical, legal, ecopnomic, or whatever) fall, and to what
    extent such problems diminish the social utility of such signature
    systems.

    If digital signatures are susceptible to compromise it matters little to
    me (or anyone else I suspect) whether their failures are attributable to
    factoring large numbers or putting a keylogger on someone's computer.

    Regards,


    PS For instance, one mitigative measure to preserve ANY utility in
    digital signatures, potentially a very onerous one, is the need to keep
    the key secret - possibly for decades!


  11. Re: When *not* to sign an e-mail message?

    nemo_outis wrote:

    > Andrew Swallow wrote in
    > news:dui1oh$k8j$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
    >
    >
    >>Thank you. Yes signing using rubber stamps is a little Victorian.
    >>
    >>Andrew Swallow

    >
    >
    >
    > And many Asians continue to use the chop system rather than signatures.
    >
    > But we were discussing handwritten versus digital signatures.


    Governments and corporations use seals rather than signatures on
    important documents and have done for centuries. The British kings even
    had different seals for personal and state use.
    http://www.battle1066.com/g223.shtml

    You continue to require digital signature to supply a level of security
    millions of times higher than handwritten signatures. When we point
    this out you discard this information and reply with insults. You then
    cheat and chose the weakest form of signing of the grounds that it is
    stronger.

    Andrew Swallow

  12. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:5t5p02tlc02atnjuimkf9q1qh8ni2ihovh@4ax.com:

    > nemo_outis writes:
    >
    >> I don't want to adopt a signing system that imposes a severe duty of
    >> care regarding keys.

    >
    > You prefer a signing system that makes forgery so easy that it's
    > essentially dependent on the honor system?



    No, it is not "essentially dependent on the honour system." In your
    eagerness to make a point you have crossed over into transparent
    intellectual dishonesty.

    Five hundred years and more of social, legal and commercial practice says
    handwritten signatures are adequate to the task. Actually, to many
    tasks. Yes, there are deficiencies and weaknesses in the handwriting
    system - as with any system - but it has been, on the whole,
    satisfactory.

    Now that doesn't mean one should close one's mind to alternatives.
    Indeed, in time, we may decide that the digital alternatives are
    superior. More likely we will find that they are superior for some uses
    and inferior for others. However, digital signatures are in their
    infancy - it would be not just premature but rash to say they should
    supplant handwritten signatures.


    >> No, I'd much rather have a system where the only requirement was for
    >> a single constructive act on my part - a handwritten signature - with
    >> no onerous additional obligations before or after.

    >
    > And anyone can write that handwritten signature--you need not even be
    > present.



    Once again, in your eagerness you have grossly misstated your case.

    No, only *I* can write *my* signature. Others can only produce simulacra
    which approximate it to a greater or lesser degree. You are confusing
    and conflating the verification and validation of handwritten signatures
    with their production.

    But whatever deficiencies handwritten signatures may have, digital
    signatures are even worse - they can be counterfeited *perfectly* rather
    than approximately by someone who manages to get the key (which would be
    a very significant risk for many in the real world).

    Regards,



  13. Re: When *not* to sign an e-mail message?

    Andrew Swallow writes:
    > You continue to require digital signature to supply a level of
    > security millions of times higher than handwritten signatures. When
    > we point this out you discard this information and reply with insults.
    > You then cheat and chose the weakest form of signing of the grounds
    > that it is stronger.


    it turns out that the issue of digital signatures with integrity and
    authentication is different than the issue of human signatures with
    intent. one might be tempted to use an example of comparing the color
    orange in oranges with the color red in apples (except they have
    closer relationship being both colors and both involve fruit).

    in any case, there was the whole attempt to try and establish the
    non-repudiation flag in digital certificate standards ... which
    eventually fell into much disrepute, in large part because the issue
    of integrity and authentication (associated with digital signatures)
    is unrelated to intent (associated with human signatures).

    misc. past postings about signatures
    http://www.garlic.com/~lynn/subpubkey.html#signature

    previous pieces of thread:
    http://www.garlic.com/~lynn/2006d.html#32 When *not* to sign an e-mail message?
    http://www.garlic.com/~lynn/2006d.html#33 When *not* to sign an e-mail message?
    http://www.garlic.com/~lynn/2006d.html#34 When *not* to sign an e-mail message?

    --
    Anne & Lynn Wheeler | http://www.garlic.com/~lynn/

  14. Re: When *not* to sign an e-mail message?

    Andrew Swallow wrote:

    >> But we were discussing handwritten versus digital signatures.

    >
    > Governments and corporations use seals rather than signatures on
    > important documents and have done for centuries. The British kings even
    > had different seals for personal and state use.


    And the signature of Karl the Great (or Charlemagne, as the French call
    him) was actually just a little line that he added to the official
    seal...


    Juergen Nieveler
    --
    Hidden DOS secret: add BUGS=OFF to your CONFIG.SYS

  15. Re: When *not* to sign an e-mail message?

    "nemo_outis" wrote:

    >> The reality is that it's easy to forge handwritten signatures, no
    >> matter how much forensic effort you put into checking them. They are
    >> fundamentally insecure.

    >
    > Well then, why don't you pen a series of letters ostensibly from
    > George Washington and sell them at immense profit?


    Because he can't get the right (old enough) paper? ;-)

    Juergen Nieveler
    --
    Modesty is a vastly overrated virtue

  16. Re: When *not* to sign an e-mail message?

    > You continue to require digital signature to supply a level of security
    > millions of times higher than handwritten signatures. When we point
    > this out you discard this information and reply with insults. You then
    > cheat and chose the weakest form of signing of the grounds that it is
    > stronger.
    >
    > Andrew Swallow




    There is no evidence that digital signatures provide security "millions of
    times higher." You have focussed on one narrow aspect of their use: the
    difficulty of computationally breaking the key. However, the breaking of
    the key is only one potential failure mode for a digital signature system.

    Signature systems must operate in a far broader legal, social and economic
    milieu than that with respect to all their functions, including security.
    It is the end-to-end security, and social utility generally, which must be
    considered, rather than merely one aspect of calculating the key.

    And, as I have pointed out, the digital signature system can impose a
    number of burdens on users, such as the requirement to keep keys secret for
    a very long time, or to extend trust to third parties (e.g., Verisign). It
    is an open question whether many people can successfully bear such burdens,
    for if they are not sustainable generally in ordinary human intercourse
    then the application of digital signatures will be reduced to a narrow
    niche.

    Regards,





  17. Re: When *not* to sign an e-mail message?

    Andrew Swallow wrote in news:dui7ql$6se$1
    @nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:

    > nemo_outis wrote:
    >
    >> Andrew Swallow wrote in
    >> news:dui1oh$k8j$1@nwrdmz01.dmz.ncs.ea.ibs-infra.bt.com:
    >>
    >>
    >>>Thank you. Yes signing using rubber stamps is a little Victorian.
    >>>
    >>>Andrew Swallow

    >>
    >>
    >>
    >> And many Asians continue to use the chop system rather than

    signatures.
    >>
    >> But we were discussing handwritten versus digital signatures.

    >
    > Governments and corporations use seals rather than signatures on
    > important documents and have done for centuries. The British kings

    even
    > had different seals for personal and state use.
    > http://www.battle1066.com/g223.shtml
    >
    > You continue to require digital signature to supply a level of security
    > millions of times higher than handwritten signatures. When we point
    > this out you discard this information and reply with insults. You then
    > cheat and chose the weakest form of signing of the grounds that it is
    > stronger.
    >
    > Andrew Swallow




    There is no evidence that digital signatures provide security "millions
    of times higher." You have focussed on one narrow aspect of their use:
    the difficulty of computationally breaking the key. However, the
    breaking of the key is only one potential failure mode for a digital
    signature system.

    Signature systems must operate in a very broad legal, social and economic
    milieu with respect to all their functions, including security. It is
    the *end-to-end security,* and the social utility generally, which must
    be considered, rather than merely the one aspect of calculating the key.

    And, as I have pointed out, the digital signature system can impose a
    number of burdens on users, such as the requirement to keep keys secret
    for a very long time, or to extend trust to third parties (e.g.,
    Verisign). It is an open question whether many people can do this
    successfully, for if these additional requirements are not sustainable
    generally in ordinary human intercourse, then the utility of digital
    signatures will be largely vitiated and their application reduced to a
    narrow niche.

    In short, while digital signaturs are strong in one aspect, they are
    tediously and burdensomely deficient in other aspects. Moreover, they
    differ from handwritten signatures in yet other ways which invites
    confusion, abuse and exploitation of the public which is not aware of
    such lurking dangers.

    Regards,

    PS That encrypted email has never achieved even modest acceptance is
    strongly suggestive of how unenthusiastic the general public is likely to
    remain regarding digital signatures.


  18. Re: When *not* to sign an e-mail message?

    Juergen Nieveler wrote in
    news:Xns977EE5F047759juergennieveler@nieveler.org:

    > "nemo_outis" wrote:
    >
    >>> The reality is that it's easy to forge handwritten signatures, no
    >>> matter how much forensic effort you put into checking them. They are
    >>> fundamentally insecure.

    >>
    >> Well then, why don't you pen a series of letters ostensibly from
    >> George Washington and sell them at immense profit?

    >
    > Because he can't get the right (old enough) paper? ;-)
    >
    > Juergen Nieveler



    Absolutely correct. Real handwritten signatures do not "hang in the air"
    but exist in a physical context. That physical context (the ink used, the
    paper, writing pressure and speed, the other printing or writing on the
    page, etc.) can play a role in verification of a handwritten signature and
    distinguishing it from a counterfeit.

    Regards,


  19. Re: When *not* to sign an e-mail message?

    nemo_outis writes:

    > No, they are not legally identical. As just one blatant difference digital
    > signatures are not recognized as valid in many jurisdictions.


    That's a local determination, not a global principle.

    --
    Transpose mxsmanic and gmail to reach me by e-mail.

  20. Re: When *not* to sign an e-mail message?

    Mxsmanic wrote in
    news:fpor02dgfrj2n40pkkdl2elltmnh63n4vt@4ax.com:

    > nemo_outis writes:
    >
    >> No, they are not legally identical. As just one blatant difference
    >> digital signatures are not recognized as valid in many jurisdictions.

    >
    > That's a local determination, not a global principle.



    I have no idea what your quibbling and weaseling is intended to convey.
    And neither, I suspect, do you.

    You stated that digital and handwritten signatures were legally identical.

    You made a statement of [alleged] fact, an absolute and unqualified
    statement. And that statement is patently false!

    Regards,



+ Reply to Thread
Page 2 of 3 FirstFirst 1 2 3 LastLast