EU Draft Digital Signature Directive

Ian G Batten I.G.Batten at ftel.co.uk
Fri, 28 Aug 1998 07:57:45 +0100 (BST) 

This is a multi-part message in MIME format...

------------=_904287458-12653-0
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Content-Md5: 5bmilPH5x4htntdTi0H4mQ==

Dennis Russel writes:
> The technology of digital signatures gives a method of showing to a high
> degree of certainty that something with x's digital signature was actually
> signed by x. (There are all the usual caveats that x has obeyed the right
> procedures and that her key has not been compromised by Tempest
> eavesdropping, cracking with secret quantum mechanical computers,
> blackmail, seduction etc, etc, but let's accept these threats as fairly
> small. The rest of this depends on the assumption that digital signatures
> work to a high degree of reliability.)

I disagree about the `small threats'.  I'm a chief systems manager, and
my wife's a bank manager.  Both of know how people treat `secrets' ---
they hand them over at the drop of a hat if it makes their life easier.
Sue's customers when she was in retail gave their PIN to their partner,
child, friend, parent to pop down to the cashpoint and acted surprised
when their account got emptied, and my users routinely give their
passwords to their secretaries, colleagues and so on to collect mail
while they're out, get at `private' files when the rightful owner is
phoning up to get some information and a wide variety of other
purposes.=20=20

The whole issue I'm wrestling with here, while we're contemplating using
digital signatures for business approvals, is distinguishing between the
signature of the chief system administrator (which passes to my deputy,
my boss, etc, when I'm not here) and the signature of Ian G Batten in
person (for things relating to me as an employee).  How do we stop
people signing as the chief sysadmin who shouldn't be now, because I'm
in, but can next week, because I'm out?  And so on.

Left alone, this problem would simply result in signing keys being
widely known.  People Don't Keep Secrets if there's a moment's
simplicity in telling other people.  This problem is transitive...

ian

------------=_904287458-12653-0
Content-Type: application/pgp-signature
Content-Disposition: inline
Content-Transfer-Encoding: 7bit
Content-Description: PGP Information

-----BEGIN PGP MESSAGE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: oMj4LNLsnaoB7RIzMGhVmNhm0ThPxlfk

iQB1AwUBNeZG08oy0yij3IvtAQEWjQL/Tt3bHnNWAbP//QE67AFUkV3cJnij6y1q
E5eh15Nm8g4968tCGQ3NnZy32QZ4/FvrFiKsUv8/Iz8O95Ai4xTO+92RvJmSqJmm
0zrvnRVlY9jiAuSiS4ma4r5He9FZLXVk
=LrDP
-----END PGP MESSAGE-----
------------=_904287458-12653-0--