Ian G wrote:
OK, that's interesting but equally worrying that the business people were asking that question, above all others. If so, this would suggest to me that your business people had spent too long in the fluffy "do what lawyers say" world, and had forgotten they had a business to run? Lawyers have a particularly perverse reason to say what they are saying "just what are we signing exactly," and business people would do well to learn why that is.Did your business people ask about the evidentiary aspects? Disputes? Contracts? Basis in law? Risks? Fraud? Document management? Customer relations? Work-flow?
Yes they did.I think you underestimate just how well recognised digital certification is in legal systems around the world. Internet ecommerce is not new, and digital certification is not new to lawyers or the legal system either.
OK, and how do you show afterwards that they signed it? I did a little googling and found something called the "Netscape verification tool" ... I would hope there is more to it than that, to put it mildly.
Google more.We use the Bouncy Castle libraries to verify the signature on the text, because our system is inherently Java based, but you could use any other crypto library, including NSS.
None of this stuff is new, crypto.signtext() has been around for ten years or more, and the crypto libraries that support it, longer than that.
Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
