Brad Ideas
Crazy ideas, inventions, essays and links from Brad Templeton
Brad IdeasCrazy ideas, inventions, essays and links from Brad Templeton |
|
|
|
NavigationUser loginIf you like this blog, do me a favour and start your Amazon shopping (especially a kindle) from this link, and I'll get a cut. Recent comments
Top EssaysRecent blog posts
BlogrollFellow EFF Folks
Cory Doctorow Larry Lessig Ed Felten Dave Farber John Perry Barlow EFF Deep Links Dave Sifry Syndicate |
Signatures
Are funny things, legally. The signature isn't really the bond as far as I understand it. It is the act of signing which bonds you to the agreement. Making an "X" can be a signature, after all. If somebody hands a document with your signature on it you can say, "I didn't sign it" and if it's just an exact copy of another signature from a different document, you can certainly create doubt about it. Then, in a court, a jury will have to decide if you signed it or didn't.
So the real goal of putting a signature on a document digitally is to get the other person to accept that it bonds you to the contract. So far, people seem to be accepting this. Keeping a log of the varied signatures you put on documents would give you a very well documented course to prove you signed certain things and didn't sign others. You could tamper with your own log -- though there are way to make logs that even you can't tamper with -- but you would swear under oath that you didn't.
Of course, keeping a log makes it harder to repudiate a signature when you really did sign, and that's both bad and good for you. Bad because you can't lie if you feel the need, and good because people will trust your signature more. An "ideal" solution is one others trust readily but doesn't bind you very much -- but that's an ideal that depends on the others being foolish.
What's more important is documentation of the act of signing. "I emailed the document to him, and 1 hour later he mailed it back with a signature in place" is very good documentation of the act. The actual signature isn't so important.
One could design a system that allowed you to tweak a physical signature in cryptographically unique ways nobody else could generate. But you could also just print out the digits of a digital signature and that would be easier and clearer, so there is not much point.
My goal is to make a system that's easy for *me* but satisfies the people who want old world signatures. The variation is actually less important as a feature, and is just a simple way to foil people who would dupe your signature (in identity theft).