Ian G wrote:
Ben Laurie wrote:
Well, in the UK, it is the Law Society's opinion that existing law
applies equally to digital signatures.
Good for them. So does that mean when user
software uses a digsig to ensure message
integrity, it also committed the user to
a contract?
No, it means much the same as a written signature - that is, whatever
was intended by the two parties, as should be clear from the signed
document.
In general, most of the digsig laws tended to
fall back to stating that a digital signature
was not to be rejected as a signature just
because it was in digital form. Others said
something much more complicated, and often
created two disctinct legal regimes for digsigs.
In all that, there remains a huge difference
in the meaning of any given signature. Most
applications have muffed this issue, often
ascribing in vague terms several distinct
purposes at once to the digsig.
That's because signatures _are_ vague. IMO, attempts by techies to make
signatures rigorous are misguided.
--
>>>ApacheCon Europe<<< http://www.apachecon.com/
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff