Frederick Roeber wrote: >>I'm of the opinion that encryption and signing should be turned on >>by default >> > > Turning on signing by default might be dangerous, not everybody is > comfortable with a Legally Binding Signature on every random note they > send. (Plausible deniability can be a good thing!)
According to our lawyers, you own your words and your actions regardless of the presence or absence of a digital signature. Adding a digital signature merely reduces the wiggle room you have to deny you sent the note. We were told about examples in US caselaw where defendants claimed a contract was non-binding because they did not actually sign their name on the contract. The courts held that the defendant did indeed enter into the contract despite the lack of a signature. In one case, the defendant had faxed a blank page to the plaintiff with the words "I agree"; no signature, no date, no reference to the contract in question. In other words, you're responsible for your words and actions today, even without a digital signature. Of course, if you're the victim of a large multi-national conspiracy like Fred is, there is little hope anyway. ;-) > I'd like encryption on by default, though. We have got to stop all this > mail being sent around in plaintext. Agreed. I'd like to see lots of people turn on the "Encrypt if possible" option. If we can make S/MIME discoverable, simple, cool, and viral, we'll be on our way to achieving your goal. -Bob -- Bob Lord Director, Security Engineering Netscape Communications Corp. http://www.mozilla.org/projects/security/pki/
