On Wed, 29 May 2002, Curt Smith wrote:
I agree that under-the-hood encryption is becoming more and more prevalent, and that it generally improves security. Also, the widespread use of encryption technology helps protect cryptorights in general as important to the public good.
This is kinda the opposite of...
Both legally-binding and authentication technology should not be completely transparent. Even "EULA's" require user-intervention. Digitally signed messages should require user-intervention.
this. Having it be "transparent" where the user doesn't need to know anything about how it works does not have to destroy the effectiveness of digital signatures or crypto. When people sign a document they don't know all the ramifications because few bother to read all of any document they sign - most of it won't apply as long as you keep your part of the bargin, so why bother? The same thing should be true of digital signatures. The user shouldn't have to know a thing, other than they've made a promise they better keep or all the bad clauses really do apply, and the proof of their signature will come to haunt them. The way the digital signature works does not matter to them, and it shouldn't need to. If digital crypto, signatures or e-cash are going to get into mass appeal, then their operations will be "magic" to the majority. And it all has to work, to 1 part in 10^8th or better, without user comprehension. It may well take "user intervention" to create a signature, but they shouldn't have to know what they are doing. Patience, persistence, truth, Dr. mike