EU Draft Digital Signature Directive
Brian Gladman
gladman at seven77.demon.co.uk
Fri, 28 Aug 1998 22:54:56 +0100
Charles Lindsey <chl@clw.cs.man.ac.uk> wrote:
> On Thu, 27 Aug 1998 17:15:58 +0100
> Denis.Russell@ncl.ac.uk said...
>
>> The technology of digital signatures gives a method of showing to a high
>> degree of certainty that something with x's digital signature was
actually
>> signed by x. (There are all the usual caveats that x has obeyed the right
>> procedures and that her key has not been compromised by Tempest
>> eavesdropping, cracking with secret quantum mechanical computers,
>> blackmail, seduction etc, etc, but let's accept these threats as fairly
>> small. The rest of this depends on the assumption that digital signatures
>> work to a high degree of reliability.)
>
>No, that is the old perception of what a digital signature means. The
>world is moving on (see SPKI, and also some hooks in the open-pgp
>draft).
Digital certificates are certainly becoming more sophisticated but they
still depend on digital signatures as primitives and these have to be
distinguished from the certificates themselves since they have very
different properties.
Brian