ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [ietf-dkim] Improtant legal precedent

2006-04-13 13:45:20
from [Hallam-Baker, Phillip] [Permanent Link] 
The full case is online at
 
http://www.bailii.org/ew/cases/EWHC/Ch/2006/813.html
 
The article at the Register appears to be misinformed. The text of the
judgement makes it clear that the Appeals court took into account the
difference between information added automatically by the infrastructure and
a signature intended to make a legaly binding contract offer.
 
I think it is clear that DKIM signatures do not affect the issue of whether
an email message is a contract. An email message can be a contract even
without a DKIM signature. In no case does a DKIM signature added by an ISP
turn an email message into acceptance or offer of a contract.
 
On the other hand adding initials, a name at the end of an email does
potentially turn the message into an offer or acceptance of a contract
regardless of whether there is a digital signature on the message.
 
All that using DKIM does is to prevent an attacker modifying the message to
claim that the sender proposed or agreed to a different contract.
 
Adding a PGP or S/MIME signature could well be considered an affirmative
act, but we knew that from the start.
 
The UK court judgement only affects common law countries but it is not a
suprise and I would expect other legal systems to arrive at the same
conclusion. Continental law tends to be even pickier and more restrictive
when it comes to what can be considered a contract.

  _____  

From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org 
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org]
On Behalf Of Hallam-Baker, Phillip
Sent: Thursday, April 13, 2006 3:58 PM
To: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: [ietf-dkim] Improtant legal precedent


One of the first precedents on email signatures
 
http://www.theregister.co.uk/2006/04/12/email_sigs_legal/
 
Reading the article it appears that a DKIM signature added by the
infrastructure would not constitute a signature for the purposes of making a
contract. A DKIM signature added at the client would only count if there was
an afirmative signature action, e.g using PGP, S/MIME or adding a name to
the bottom of the email
 
    Phill

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] Improtant legal precedent, Hallam-Baker, Phillip
Next by Date:  Re: [ietf-dkim] New issue: Signing by parent domains, Jim Fenton
Previous by Thread:  [ietf-dkim] Improtant legal precedent, Hallam-Baker, Phillip
Next by Thread:  [ietf-dkim] Service model options for an ISP, Mark Delany
Indexes:  [Date] [Thread] [Top] [All Lists]