Ian G wrote: >That wasn't my question. Here's my question again: How do you show any >person afterwards that the person signed it?
>I mean: how does Alice look tomorrow in this system to see what she >signed? Next year? How does Bob look next year to see what Alice >signed? How does Trent, some random third party like a judge? This is a very valid question and probably you will find my answer pretty insufficient, but WASP was deliberately designed for service-providers who want to automate and improve credibility of exiting systems, not creating a new fancy tool for "emulating" contract writing in the physical world. The latter represents a technical and legal challenge I'm not ready for :-) Converted to practical terms that means that the service provider is asking you to grant something, and then it should in some way provide you with a receipt that depending on the actual use-case may contain not only the original "document", but additional details such as when it was received. A patent filing application would fit this description, while an in-house purchasing application would not since such systems keep all data available on-line for any authorized user to view like existing purchase operations. Saving a signed document locally would not really make much of a difference since you technically can create arbitrary off-line data and sign it. If you OTOH required that requests are signed by service-providers it would more sense (at least legally) since then you could prove what you where requested to sign which I believe was the primary objection to what I'm currently implementing. However, trying to squeeze in "peer" signature scenarios would IMO be dumb; such a scheme needs to be designed from the ground and up! Patent-filing, in-house purchasing, and tax declarations are not really "peer" scenarios, because the associated service providers set all the rules. WASP adheres to this unilateral notion :-) Anders _______________________________________________ dev-tech-crypto mailing list [email protected] https://lists.mozilla.org/listinfo/dev-tech-crypto
