Dear Ed. This will be the last email from me on this topic so it is no use in replying to me. As usual you have to be controversial and I think rude in the making. I unfortunately doubt that you understood the article but at least others have, which gives me some justification in publishing mine and Bill's thoughts on the topic. Adrian McCullagh Director of Electronic Commerce Tel: 617 3231 1522 Gadens Lawyers Fax: 617 3229 5850 level 39 Central Plaza 1 345 Queen Street Brisbane Australia 4000 Ph. D. Candidate Thesis "The Incorporation of Trust Strategies in Digital Signature Regimes for Elec. Comm." Information Security Research Centre Queensland University of Technology -----Original Message----- From: Ed Gerck [mailto:[EMAIL PROTECTED]] Sent: Thursday, August 10, 2000 8:24 AM To: Eric Murray Cc: Derek Atkins; Ian BROWN; R. A. Hettinga; Digital Bearer Settlement List; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Non-Repudiation in the Digital Environment (was Re: First Monday August 2000) The paper's conclusions are: 1. "This paper demonstrates that the deployment of a trusted computing system for digital signatures is the only secure option," Comment: this is a tautology, for which no demonstration is necessary and is not even in question. The question is how to make it happen in the real world, where a trusted computer system might be only the ones that are turned off and buried underground. 2. "resulting in a legal position where the onus of proof for the electronic environment is equivalent to the paper-based environment." Comment: I want to say -- Gimme a break! Everyone knows that paper-based environments are not golden standards for security. Why have banks moved and are moving more and more a w a y from paper? Why are paper badges only to be found with dodos? 3. "If a trusted computing system is used to affect a digital signature, then and only then can the onus of proof lie with the recipient in the same manner that exits in the paper-based world." Comment: this is a non sequitur. And, as everyone knows, the onus of proof lies always on you ;-) When push comes to shove, if you can prove you did sign the insurance policy before the quake because there is (for example) a digital timestamp that can be verified, the recipient may say whatever it wishes. 4. " Without a trusted computing system, neither party - the signer or the recipient - is in a position to produce the necessary evidence to prove their respective case." Comment: Give me trust so that I can use it, is the message here. Trust, however, is earned. To produce the necessary evidence, either party may need to use another system. Volkswagen AG is a trusted and known company and yet this did not prevent them from encroaching into GM's intelectual property and actually using it, which later on caused (in 1998) VW to pay a fine of US$ 1.1 billion (yes, billion). We find in security work that trust is oftentimes a question of the extent to which that trust finds itself stressed to until it fails when a limit is reached. For VW, that was their limit. 5. "Hence the implementation of a trusted computing system will allow for a balance between the two environments." Comment: The authors seem to believe that trusted computing systems arrive by mail order catalogues. No, someone needs to say that they are simply abstractions -- useful, but abstractions. If I trust a computer system before I know that my competitor trusts it, will it make a difference that my competitor now trusts it? Yes, as we see everyday. I do not want to give the article a dismissive treatment, because it does have some useful comments, but the glaring mistakes and omissions also in the legal part make it IMO a difficult read. I was somehow expecting a better take from Adrian. I guess the article is simply not non-repudiable ;-) Cheers, Ed Gerck