Matt McCutchen wrote:
On Fri, 2010-06-11 at 06:01 +1000, Stephen Wilson wrote:
Has any work been done in PKIX or elsewhere on formal witnessing of
digital signatures? And/or ... does anyone in the group know of real
life instances where a digital signature is witnesses and attested to
using another dig sig?
How would one "witness" a digital signature? To witness a physical
signature means that one has personal knowledge that the signer
intentionally signed the document. Simply adding a digital signature to
a document bearing someone else's digital signature is not witnessing in
Matt, you're right.
That's another example of trying to solve something with PKI technology
instead of examining how processes work in the real world and whether there's
a technical solution at all. Just like the famous "warranty" draft.
smime mailing list