Digital Signatures
lists@notatla.demon.co.uk
Fri, 28 Aug 1998 23:56:51 +0100
George Foot <georgefoot@oxted.demon.co.uk>
> Dr. Gladman has kindly suggested that we continue our discussions
> in the Public Forum as some people have expressed an interest in
> earlier exchanges.
>
> This being the case, here are some more observations relating to
> the name "Digital Signature".
>
> It was very natural for the term "digital signatures" to creep
> into cryptographic glossaries.
>
> Why "digital" anyway -- that's not really sensible and digital
> plays no part in the concept. We might just as well talk of
> "analog signatures" -- surely the correct reference is to
> "electronic signatures" as distinct from "written signatures".
"Electronic signatures" is technology-specific and does not cover
IBM's next superchip or "sub-lepton computing facility engine".
I'm happy with the term "digital signature" and Brian Gladman's
reasons for keeping it.

In grepping earlier posts on this list, I found this
from April and Caspar Bowden:
> 1. "electronic signature" means a process
> which indicates the signatory's electronic
> approval of the content of data and which
> meets the following requirements:
>
> (a) uniquely linked to the signatory;
> (b) capable of identifying the signatory;
[Does this mean to someone other than himself ?]
> (c) created in a manner or using a means
> under the sole control of the signatory; and
>
> (d) linked to the data to which it relates
> in such a manner that if the data is altered
> the electronic signature is invalidated.
> 2. "digital signature" means an electronic
> signature which uses an asymmetric
> cryptographic technique such that a person
> having the signatory's public key can
> determine whether:
>
> (a) the transformation was created using the
> signatory's private key that corresponds to
> the signatory's public key; and
>
> (b) the transformed data record has
> been altered,
> In the minds of non-technical folk a written signature is
> something which they create themselves and in consequence
> realize that they have undertaken a personal responsibility
> for whatever they have signed.
>
> On the other hand an electronic signature is something which is
> attached to a message by a machine (a computer) and this they
> will not consider a personal responsibility and likely enough
> in a commercial environment they will not even understand the
> procedure or know that it occurs.
Digital rubber stamps, anyone ? If these things have any meaning
it should be understood by the signer at the point of signing.
"Approval" as used by the directive seems to indicate some
(conscious or automated) testing of the data, with successful result.
Just one more thing Joe Sixpack has to learn about.

It's true not all signatures are made directly by people - it would
sometimes be nice to have a communications channel that added
signed timestamps to messages in transit.

In thinking recently about security policy in an organisation I can't
name here I was surprised to notice how often I did want a traceable
human in an audit trail. (Who put this press cutting into the database?)
This is a situation where the organisation can be its own CA at least
as well as any outside body.
> I have written an article called "A critique of Public Key
> Cryptosystems" which has the intention of drawing
> attention to practical problems and stressing the likely
> behaviour of "common man". This article you will probably criticise
> fiercely and you will have justification for your point of
> view in some respects. But I declare that if one tries to
> look at the issues from the point of view of the operator one
> gets a very different view from that seen by the expert.
George kindly showed me last Saturday's version of this, and his remarks
above are probably a rough description of my reactions. That doc had
some material I regarded as irrelevant and was very sketchy on the
proposed alternative idea which seemed to be 'key distribution solved by
avoiding it'. Others might be interested.
--
##############################################################
# Antonomasia ant@notatla.demon.co.uk #
# See http://www.notatla.demon.co.uk/ #
##############################################################