Re: [openpgp] Steven Mason's "Electronic Signatures in Law" now in 4th edition and FREE!
vedaal@nym.hush.com Mon, 19 December 2016 19:08 UTC
Return-Path: <vedaal@nym.hush.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9B70E1295CA for <openpgp@ietfa.amsl.com>; Mon, 19 Dec 2016 11:08:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=hush.ai
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f6iyUO7gSkk0 for <openpgp@ietfa.amsl.com>; Mon, 19 Dec 2016 11:08:50 -0800 (PST)
Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D8253120727 for <openpgp@ietf.org>; Mon, 19 Dec 2016 11:08:50 -0800 (PST)
Received: from smtp3.hushmail.com (localhost [127.0.0.1]) by smtp3.hushmail.com (Postfix) with SMTP id 3910EE025E for <openpgp@ietf.org>; Mon, 19 Dec 2016 19:08:50 +0000 (UTC)
X-hush-tls-connected: 1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=hush.ai; h=date:to:subject:from; s=hush; bh=I9uZ/r5tI3uZrh0aL/tE9Zd85FjiLkEN3J2eOR2LGR0=; b=DbLfKfvWX2McoZW1yUg3QI7zPV9ImG7sFXvHiSiRV5NT0jXaIJoafHinVPk+XCOUzaQ8sxtrnMSysuTnt75PVAErPfTk/AKRLRyIxm+ovXsQ7IV2n+jfSZ4muHdksHouUOHQLs9DQuvCnLt/KJUs652LelX+DBK9KhrIQj7oQS6Wh9ftWQ+kAnc/BzO+5wPEqB4jZGxCc2+jHSPpiN1avGn3OKEZIsWOHHFN2C1Bxjlh4a+uqV4cZm2z81P/QBKjt8fFonv5dtI2Vha0YjUN4VwMFLQ/xtYQPfPVzGP+rsbz63P7Sbrt6DS8rqNq5uOMkKgvtJBjvLM8Mgw0MjKrJg==
Received: from smtp.hushmail.com (w7.hushmail.com [65.39.178.32]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp3.hushmail.com (Postfix) with ESMTPS for <openpgp@ietf.org>; Mon, 19 Dec 2016 19:08:50 +0000 (UTC)
Received: by smtp.hushmail.com (Postfix, from userid 99) id 0163E40630; Mon, 19 Dec 2016 19:08:49 +0000 (UTC)
MIME-Version: 1.0
Date: Mon, 19 Dec 2016 14:08:49 -0500
To: openpgp <openpgp@ietf.org>
From: vedaal@nym.hush.com
In-Reply-To: <CAMm+Lwiq7GhwE1pc+vF1Dgvb5TbEFYoJMCjuS1hr685AfM1k8A@mail.gmail.com>
References: <20161129091837.GA25812@littlepip.fritz.box> <1480411542920.18425@cs.auckland.ac.nz> <54a2cbfb-70e2-4655-b5bb-3ded94ba3cec@iang.org> <CAMm+Lwiq7GhwE1pc+vF1Dgvb5TbEFYoJMCjuS1hr685AfM1k8A@mail.gmail.com>
Content-Type: multipart/alternative; boundary="=_977a0e98e8f92e6a6b32c87172aa4e8c"
Message-Id: <20161219190850.0163E40630@smtp.hushmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/p0FHTbp87cFsH6h4vY7yJwAMhJo>
Subject: Re: [openpgp] Steven Mason's "Electronic Signatures in Law" now in 4th edition and FREE!
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Dec 2016 19:08:52 -0000
On 12/10/2016 at 11:08 PM, "Phillip Hallam-Baker" wrote: Which would appear to remove the argument that we should avoid digital signatures because they are too difficult. It really isn't that difficult to see that the digital signature does not make the legal position any worse than it is with regular email and could if correctly applied make things a lot better. What we are really talking about here is not merely the creation of an autography but the performance of an intentional act of signing. I don't think that a regular email application or for that matter any general purpose communication mechanism should be used for that purpose. Rather, intent to sign should be expressed through a separate application and a key that is specific for that purpose. ===== There is a commercial product called Docusign https://www.docusign.com/ I'm not familiar with the specifics, but it seems not to have done away with the central issue, of trusting that the signer is the real person whose name is being signed, just as an open-pgp signature is not trusted unless one trusts that the signing key belongs to the person of that name. Just as anyone can create a pgp signing key with any name, anyone (with the proper personal information) can create a Docusign key/certificate. vedaal
- [openpgp] On Signed-Only Mails Vincent Breitmoser
- Re: [openpgp] [messaging] On Signed-Only Mails Peter Gutmann
- Re: [openpgp] [messaging] On Signed-Only Mails Vincent Breitmoser
- Re: [openpgp] [messaging] On Signed-Only Mails Peter Gutmann
- Re: [openpgp] On Signed-Only Mails Kristian Fiskerstrand
- Re: [openpgp] On Signed-Only Mails Vincent Breitmoser
- Re: [openpgp] On Signed-Only Mails Brian Sniffen
- Re: [openpgp] On Signed-Only Mails brian m. carlson
- Re: [openpgp] On Signed-Only Mails Alexander Strobel
- Re: [openpgp] On Signed-Only Mails Peter Gutmann
- Re: [openpgp] On Signed-Only Mails Thijs van Dijk
- Re: [openpgp] On Signed-Only Mails Brian Sniffen
- Re: [openpgp] [messaging] On Signed-Only Mails Taylor R Campbell
- [openpgp] Steven Mason's "Electronic Signatures i… ianG
- Re: [openpgp] [messaging] On Signed-Only Mails ianG
- Re: [openpgp] [messaging] On Signed-Only Mails Phillip Hallam-Baker
- Re: [openpgp] Steven Mason's "Electronic Signatur… Phillip Hallam-Baker
- Re: [openpgp] Steven Mason's "Electronic Signatur… vedaal