EU Draft Digital Signature Directive

[Clare Wardle]

At the risk of joining Nigel in the pillory............

Quite a few contributors to this group as well as others  have said there is no reason to have  a public directory at all because everyone only wants to talk to their friends - now someone has noticed that it might be handy to have a method of checking whether the travel agent you are  thinking of  buying a holiday from  exists, and being able to look him up in a public directory would be quite useful too......I think it's quite fair for Nigel to have his little jokule.

By the way, as far as I know the current proposals don't even say that you have to use a licensed TTP let alone that you have to use any particular method of encryption.

More relevantly to this strand, Nicholas Bohm wrote:

>My main point is that consumers at present have inadequate means for
>protecting private keys from compromise, and it is therefore unacceptable
>to transfer to them the risks which would be imposed on them by making
>digital signatures non-repudiable.


I don't agree with Nick Bohm that there is a problem with appropriate technology (and services)  being available to consumers - by the time this directive comes into force (a couple of years off minimum) there will be.  Whether any signature should be totally non-repudiable under any circumstances is another question.