*Hobbit* writes
I was thinking about a problem involving two parties signing a file and each keeping a copy, as they would do with a paper contract, and came up with something like the following:
Two parties securely exchange public keys, each signed by the other, and verify correctness through some channel like the phone.
Bad idea. A signature, like a signet ring, must be *publicly* associated with an identity to be useful. Use web of trust. Both A and B have well publicized public keys. Each then sends the other a signed letter saying "I agree to the following provided you also agree to the following" First step: A decent user interface to PGP Zeroth step. Chicago (Yes I know that Unix is the most holy and greatest operating system in the world, but face it. The chairman of the board is *not* going to learn to use unix.) (Windows is incapable of acting as a host, being non pre-emptive, and therefore is a pain on the internet.) -- --------------------------------------------------------------------- We have the right to defend ourselves and our property, because of the kind of animals that we James A. Donald are. True law derives from this right, not from the arbitrary power of the omnipotent state. jamesd@netcom.com