Legal Background to Digital Signing

Terms

What is Signing?

Signing is an act done by humans that has several components:

In computing terms, it might be thought of as an application or protocol, but several of the components are non-technological.

What can form a signature?

All of these can form a signature, under the right circumstances:

All these examples are drawn from (Mason, 2007) primarily 2.9 thru 2.32.

What does not form a signature?

In contrast, a mechanical or wax or paper seal alone has not always been considered to form a signature:

"that sealing is signing, I am not convinced; for sealing identifies nothing; it carries no character ... and most seals are affixed by the stationers, who prepare the paper."

Sir John Strange, reported in Mason, page 58.

and:

"It is true that one piece of wax may serve a number of people, if each of them impress it himself, or one for all, but the proper authority, or in the presence of all, .."

Lord Denman CJ, reported in Mason, page 60.

In contrast:

"Now, whether the mark is made by a pen or by some other instrument cannot make a difference, neither can it in reason make a difference that a fac-simile of the whole name was impressed on the will instead of a mere mark or X."

Sir C. Creswell, reported in Mason, page 73.

The presence or absence of the seal then is not enough for the court to decide a document was not signed. A court will look for other issues to help. E.g., in the USA, a Japanese seal, or "chop", has been accepted for commercial purposes {2.36}. In contrast, a seasonal greeting seal, containing the words Merry Christmas. American Red Cross, 1912 Happy New Year. was accepted for a will, as the seal was also inscribed with the initials of the testator {2.36}.

How are documents determined to be signed in practice?

How then to walk this minefield? The trick is to consider a signature as a token of intent, not as intent itself. The court is concerned with intent, first and foremost, and it looks at all of the clues that the parties might have left, and considers the wider context such as the value, the law, and customs.

Hence, in the English common law tradition, the presence of a signature does not mean to the court that the document is signed, the absence of the signature does not mean that it is not signed. A document or the like is accepted by the court as signed if the evidence supports that the signing person intended to do so. Hence, all the above forms are acceptable, as long as there is no particular reason to doubt that the intent was clear. Likewise, the absence of a mark at all may be accepted, if there is other evidence that indicates the person intended on it.

What part can a digsig play in signing?

In examining the signing potential for digsigs, we need to look, as described above, not so much as any mark that is left, but the intent of the signer. The mathematics unfortunately tell us little because they are the protocol of several bits of data (being the private key's transformation over the document's hash, left for the pleasure of the public key's validation).

Some scenarios

Then, the question to be asked is, what do we know about the person's intent? A pure digsig from a certificate may not add very much. Let's examine some scenarios:

  1. A software-only certificate is loaded into a program on Alice's PC. It signs on the user's behalf. This may place the software as an agent, but we would still need to establish that the user has appointed the software as an agent (whatever that means). In practice, we would not be able to conclude that there was any reliable intent or appointment because (a) software often defaults to always attaching a digsig, and (b) software generally hides the import of any digsig. C.f., S/MIME.

  2. A hardware-based certificate along the lines of a European-style qualified certificate, hereafter referred to as smartcards. These hardware devices might be more robust because the placing of the smartcard into a slot may indicate intent. However, the nature of smartcards, etc, is often that they are put into smart card readers and left there, and multiple people or tasks or roles may share in the bounty. At this point we are close to the preceeding software scenario, as we cannot rely on the rest of the software stating what is happening.

  3. A smartcard placed into an ATM. The problem with this scenario is that the use of the digsig is the same for all transactions, including ones of balance-checking, transfers and withdrawals, and even potentially for many transactions in a row. Any act of signing is then more tied to the act of using the ATM, not an act of withdrawing money. Hence any digsig is more of an authentication of the access rights of the person, not a signature on an act.
  4. A near-field communication "fob". This thing is like the smart card but is waved across a reader from a distance of 1cm to 1m. It is the same logically as the preceeding ATM example, excepting that Alice may not have done anything (walking past a turnstile) or even be aware that the act has happened.
  5. A hardware-based certificate with a "trusted" card reader. C.f., FINREADER. This device by necessity has a display that shows what it is that is being signed. To the extent that these assumptions can be shown, then digsigs so might be accepted as digital signatures. However even here there is looseness: a false reader can be connected to a real reader, and a display may be limited and spoofed. However, it may be fair to suggest that a court can deal with these issues in a reasonable fashion, because most of the intent issues are addressed in the design.

As we are only concerned at CAcert with software-based certificates, we should concentrate on the software case only. The others are presented because frequently, digsigs are justified on scenarios that are not in use.

A CAcert certificate adds what to intent?

We can conclude that the presence of a CAcert cert's digsig may add nothing to the question of signing by a user? Can it add anything? The answer is, without any other information, nothing, because it does not show anything about intent.

Hence, we would need to add something to the protocol to show intent. Then, we can ask a question: if we then employ that protocol, how robust is it if the digsig is removed?

Differences with continental (civil-code) law approach

Country

Status

links

remarks

USA

Australia

Europe

legal text since 1999

legal but need to be adapted to each EU member

Germany

France

legal since 2001

see France section

same legal value as written signature, no practical usage so far

References

  1. Stephen Mason, Electronic Signatures in Law, 2007 2nd Edition, Tottel Publishing.

    1. Now in 3rd Edition.

    2. Also see Stephen's essay Signatures on facsimile transmissions and e-mail which may be an easier entry to the topic.

  2. Iang, The Definition and Function of the Signature (drawn from Mason 2007), Financial Cryptography blog, covers a similar treatment.