on the term `signature'

L. Detweiler ld231782 at longs.lance.colostate.edu
Sun Oct 24 21:58:48 PDT 1993


Consider the term `signature' in the conventional connotation of a
handwritten scrawl. What are the *critical* properties of a handwritten
signature of a person [x]?

1) no person [y] can `forge' the signature of [x]
2) the signature of [x] is unique to [x]

Look closely at (2). What value would `signatures' have in our society
if they could not be traced to unique individuals? Virtually everyone
here will probably say `no problem' but this aspect is a very critical
aspect of the legal basis for signatures as a certificate of identity.
If a person cannot be traced based on their digital signatures, where
is the accountability? What if a person signs a document with a
`digital signature' and *breaks* that contract? you have no recourse
unless the identity is ultimately identifiable and you can take `that
body' to court.

This `two way street' is the crucial ingredient for the legal value of
handwritten signatures. A person can indicate they consent to an
agreement or certify something as genuine originating from themselves
(one way). But on the other hand, if the agreement is broken or there
is some question of authenticity *independent* of the signature (i.e.,
suppose someone has broken the signature security) there is recourse in
retracing the path back to the original signer (the other way).

Many here are championing that the loss of (2) with `digital
signatures' and completely untracable identities is `liberating'. But
there is a price to pay, perhaps very great. It is simply an unworkable
system anywhere serious accountability is required (such as related to
a job, etc.) Sure, if all people want to do is get into twisted debate
contests, the absence of (2) certainly encourages it (speaking from experience).

Because digital signatures alone are not really strictly analogous to
written signatures because of the lack of property (2) above, perhaps a
better term would be `identification tag'. Adding the guarantee that a
given signature can be traced back to a human entity, with the use of a
database or otherwise, makes them truly `digital signatures'.

please cc: me in any replies.






More information about the cypherpunks-legacy mailing list