Financial Cryptography Update: Notary Publics to Cryptographers - keep yur grubby mits off! ( was Cryptography Rides to the Notaries' Rescue)

[For an alternate view on the applicability of cryptography to the notary function] Financial Cryptography Update: Notary Publics to Cryptographers - keep yur grubby mits off! April 10, 2006 ------------------------------------------------------------------------ https://www.financialcryptography.com/mt/archives/000694.html ------------------------------------------------------------------------ I've often written about how certain words are stolen and misrepresented in the field of FC. One is non-repudiation, which continues to bedevil some architectures and policies where they haven't been informed of the impossibility. Another is trust, which is more often used as a marketing plus than an admission of fundamental weakness. Yet another -- we're on a roll here -- is digital signature, which Lynn euphemistically refers to as sometimes being foolishly confused with signatures made by humans. Philipp pointed me to a 2001 American Notarization Association position paper complaining about the abuse of the term 'notary' by the tech industry. http://www.nationalnotary.org/userimages/Notary_Terms.pdf A Position on Misleading Usage of Notary Terms in the Electronic Age ================= Notarization, Notary, and related terms are being co-opted by certain private companies and state legislatures and applied to processes that have nothing to do with valid, legally recognized notarization. These new processes either do not involve state-commissioned Notaries at all or they violate key principles involving trusted third parties, principles that form the bedrock of commerce and law. The repercussions of this verbal misappropriation can be devastating to consumers because, believing they are receiving certain protections from a process misrepresented as notarization, they may instead find themselves victimized by loss of valuable personal and real property without the legal assurances offered by valid notarization. ================== Where I've complained about the term notary is in the OpenPGP forum where there are efforts (every 12 months or so) to bolster up the capability of that protocol to do notary stuff. My comments were quite simple - the meaning and application of the word is completely different between civil law and common law, so when you apply the term into an international, cross-jurisdictional cryptoprotocol such as OpenPGP, which were you referring to? Such comments were nowhere near as informed as this document, which includes a very concise, clear definition of the process, at least in US terms: ========8<================== Fundamental Components of Notarization In order to fully appreciate the harm caused by misleading usage of the term notarization it is necessary to understand the fundamental components of a traditional notarial act. Briefly explained, there are five essential steps in an acknowledgment;2 acknowledgment is the notarial act most often used to authenticate documents of great monetary value:  Personal Appearance: The document signer must appear in person before, and communicate with, the Notary Public, face to face, in the same room. Physical presence allows the Notary not only to identify the signer, but also to make observations and commonsense judgments that the individual appears willing and aware.  Identification: The Notary must positively identify the document signer beyond a reasonable doubt, either through personal knowledge of the individuals identity, the sworn vouching of a personally known credible witness, or reliable identification documents.  Acknowledgment by Signer: Personal appearance and identification are meaningless without a context, and it is the signers active acknowledgment of a particular signature, document, and transaction that provides the context.  Lack of Duress: Integral to the acknowledgment is the Notarys observation that the signer was not under duress or direct physical threat at the hands of a third party.  Awareness: Essential as evidence of the signers intent is the Notarys observation and judgment that the signer appears to be conscious and aware at the time of signing. =========>8============= Hot Dang! Try doing that in a remote-parties cryptoprotocol with NIST-approved blah blah. I have to admit, I'm impressed by the quality of writing in this paper. It goes right for the jugular. =========8<============= Corporate License Increasingly, American corporations offering Public Key Infrastructure (PKI)3 management services have been using the terms Notary and notarization to describe their services. These processes typically involve the time-date stamping of text, and they amount to notarization only in the metaphorical sense. These services do not provide the assurances associated with official notarial acts by a state-commissioned Notary Public and, for that reason, they lack the legal authority of proper notarization, which is ... to provide prima facie evidence of the truth of the facts recited in the certificate and to establish the genuineness of the signatures attached to an instrument.4 =========>8============= It is repeatedly asked in circles where crypto really matters what the form of statement your average CA is making. This paper points out one of the flaws in the process - a CA may well not have any legal authority to make the statements that it is purporting to make! Think the so-called digital signature laws might resolve this? Think again: =========8<============= Governmental License Another development is adding to the current state of confusion in the marketplace and it is potentially more harmful to the public than deceptive misuse of sensitive terms by corporate marketers; that is, poorly thought-out redefinition of notarial procedures by hasty lawmakers. =========>8============= Names are named! Not only are the States various slammed for their laws, many commercial services are given a darn good slapping. Read the whole thing, if only to see how no-nonsense rejections of poorly thought-out marketing programmes can be written. We need more of these! --