Ian G wrote, On 2008-11-20 06:04 PST: > Nelson Bolyard wrote: > Um. So these tools organise a signature from a client cert over the > text in the form text box, and then post the signature up to the server?
Well, I can only speak for what Mozilla browsers do. They generate a "document" that contains the signed text and the digital signature and the certificate chain with which the digital signature can be verified (or repudiated), in the CMS format. That document is sent. >> There doesn't seem to be any standard for a way make this work >> that is common to all browsers. NSS provides the necessary crypto code. > > This requires a client-certificate HTTPS connection to the webserver to > make it happen? It's completely independent of https. The browser *may* use the same cert for signing a document as for https client auth, or there may be no https client auth at all (and indeed, no https at all). The signed document can be verified on its own without regard to the channel through which it was sent. It's essentially a little S/MIME message, minus the MIME. :) (SMIME = MIME + CMS) >> What's missing is the definition of the way (syntax) by which to invoke it >> in the browser. If I recall correctly, Anders has proposed something for >> that purpose, and perhaps he has developed some software for that purpose. > Right, Anders pointed me to this in private email: I wrote a lengthy response about how/why some proposals get adopted and widely deployed in the web, and others do not, but it's too long for this thread. Maybe I'll send it separately in another thread. >> I'm personally wary of efforts that push to make it possible for users to >> make such legally effective signatures without solving the problems of how >> to protect the user. > > Plus, they are generally not necessary. A digital signature isn't a > signature, whereas a checkbox with the words "I agree" is. Where you live, maybe. In other parts of the world, a digital signature is a signature (the strongest form, in fact), and some server's log file claiming that "the user checked the checkbox here" is worthless. > Well, my first thought was: this can't work, for all the normal reasons > why digital signatures don't work. My second thought was, gee, I need > it in a project I'm working on. Oops! > > Hmmm... I wonder what my third thought will be... Me too. :) > Seriously though, I can see lots of applications for it, but the > infrastructure required makes this less of a tech concept and more of a > legal / document management management concept is missing in most > contexts. This is a business problem not a tech problem. Clearly it is a problem in both spaces simultaneously. Clearly, the ability to produce wonderful signed documents with lots of wonderful properties (effectively unforgeable, alterations are all detectable) is useless if no-one puts them into use (witness both S/MIME and PGP), but by the same token, without the technology to provide some resistance to forgery and alteration, (or even replay/playback), the business world will not take the risk of using technologies that produce documents that are easy to forge, alter or replay (in contexts where documents are of sufficient value that others may be tempted to engage in such things). _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
