ietf-openpgp

Re: Multiple signatures in clearsigned messages (was Re: Cleartext Signatures)

2005-10-12 08:06:00

On Wed, Oct 12, 2005 at 12:07:13AM -0700, "Hal Finney" wrote:
The fact that we may have to add further rules clarifying how to use it
just emphasizes our lack of experience with the construct.  Often with
these things you don't find the problems until you actually try to use it
for something and interoperate with others.  Given that notary signatures
have been in the draft in some form or other for years without seeing
any use that I know of, should we consider taking them out?

On Wednesday 12 October 2005 08:06 am, Daniel A. Nagy wrote:
Please don't. I do have a very good use for them and I'm going to go ahead
with an implementation. As soon as it's working reliably and securely, I
will write up the specifications for inclusion in the standard.

I second this.  A workable notary signature method for both clear-signed and 
pgp/mime is badly needed for evidentiary reasons.  

The hypothetical human rights example discussed a few weeks ago applies 
clearly here, where a file/message may pass through multiple hands before 
arriving at its final destination, and the original signer may be dead by
the time it gets to the final destination.  Having a notary chain of 
signatures over the same original can provide valuable chain of evidence 
information.

Regards,

  - Brian Peterson