Hello, Thanks for your thoughtful reply!
I agree the best option is to use a propoer digital signature. When properly done, it might be even more secure than a handwritten signature? Interesting point about the Creative Commons license, do you have examples of how it's used in a real-world case? Thanks! On 11/09/2015, Tom Davies <[email protected]> wrote: > Hi :) > I think Steve is referring to "electronic signatures" rather than something > resembling and pen&ink type scrawl. I've not looked into this as most > office workers i've ever known would be completely baffled by it and not > trust it despite it being much more secure and trustworthy. > > Another way that seems quite common these days is to print-out the > document, sign it with pen&ink properly and then scan the document back > into the computer. However there are numerous security and other problems > with this approach too! > > Something i might consider, because it's highly user-friendly, is to treat > the document as a piece of "electronic art" and use a Creative Commons > License generated for that one specific document. It is easily possible to > create a Creative Commons License to cover all the various documents you > might want to "sign", just as a signal signatures can be added to multiple > different documents, but that gets back to the same security issue of just > about anyone being able to copy&paste it onto anything they like. > > http://creativecommons.org/choose/ > > The Creative Commons route is not ideal as it's not what their licenses > were designed for but it might work. Probably have to upload the document > somewhere in order to have a "Source URL"/weblink for the document. The > drop-down at the bottom can be changed to an "off-line" mark to paste into > the document. > > > Part of the problem is that people want to do a visual quick comparison > between your signature on this and then compare that to another copy of > your signature that they do have complete trust in having been done by you > - just as passwords need to be compared against whatever you registered > your password as for that purpose. The problem is that such things can be > accessed and maybe even decrypted given enough time and processing power. > Retinal scans and finger-prints are just jpegs (or pngs or whatever other > image format) so in a few years time i'm sure we will all be "shocked" to > discover that they are no more secure than current systems. At the moment > they are just new and therefore criminals might need a bit of time to > catch-up but there is a good chance that many are already ahead of the game > anyway. > > > I think the best option is to create a proper digital signature and have > that alongside (or elsewhere near) the copy of the pen&ink signature. > > Good luck! > Regards from > Tom :) > > > On 11 September 2015 at 09:10, avamk <[email protected]> wrote: > >> Good idea, I should really start using different signatures for >> different things. I'll probably need a "signature" manager just like a >> password manager to help me keep track of all those signatures! >> >> On 11/09/2015, steveedmonds [via Document Foundation Mail Archive] >> <[email protected]> wrote: >> > >> > In some respects your signature was safer on a piece of paper in the >> > filing cabinet. >> > I have a different signature I use on electronic documents, not the >> > same >> > as the one at the bank or the lawyer. >> > It's still me signing it (statement of CE conformity, drawings, etc.) >> > but no one can get my money with it. >> > steve >> > >> > On 11/09/15 7:46 am, avamk wrote: >> >> That's true!! I guess it doesn't really matter how I try to secure the >> >> document if the receiver will see it on their screen, oh well. Thank >> >> you for the reminder! >> >> >> >> Encryption is helpful though to ensure that at least only my intended >> >> recipient will see the file. >> >> >> >> On 10/09/2015, steveedmonds [via Document Foundation Mail Archive] >> >> <[email protected]> wrote: >> >>> On 2015-09-11 03:06, avamk wrote: >> >>>> Hello, >> >>>> >> >>>> I think this is a rather outdated procedure, but I've come across >> cases >> >>>> where I am required to include a scanned image of my handwritten >> >>>> signature >> >>>> in a word processing document to "sign" it. Just to be clear, I am >> >>>> not >> >>>> talking about signing with a certificate, but rather an image of a >> >>>> handwritten signature inserted into the document. >> >>>> >> >>>> I am always scared of doing this, because what if an adversarial >> entity >> >>>> gets >> >>>> ahold of the document and starts using my signature for nefarious >> >>>> purposes??? So, is there a way to make this document (say, a .odt or >> >>>> .docx >> >>>> file) more secure that problem won't happen? Ideally I'd like to >> >>>> minimise >> >>>> complications/troubles when the receiver opens the file. >> >>>> >> >>>> Thank you! >> >>> Anyone who can view the document can take a screen snap (clip) of >> >>> your >> >>> signature image and use it as they like. The security issue is more >> >>> likely uncontrollable at the receivers end. >> >>> Are you suggesting something like a pass phrase required to open and >> >>> view a document, you can do this by just encrypting the file and >> >>> emailing with something like Enigmail. >> >>> Steve >> >> >> >> >> >> >> >> -- >> >> View this message in context: >> >> >> http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4159970.html >> >> Sent from the Users mailing list archive at Nabble.com. >> > >> > >> > -- >> > To unsubscribe e-mail to: [email protected] >> > Problems? >> > http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ >> > Posting guidelines + more: >> > http://wiki.documentfoundation.org/Netiquette >> > List archive: http://listarchives.libreoffice.org/global/users/ >> > All messages sent to this list will be publicly archived and cannot be >> > deleted >> > >> > >> > >> > >> > >> > _______________________________________________ >> > If you reply to this email, your message will be added to the >> > discussion >> > below: >> > >> http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4160008.html >> > >> > To unsubscribe from Strategies for securing a document with an embedded >> > picture of signature, visit >> > >> http://nabble.documentfoundation.org/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4159938&code=YXZrYXBsbWt0QGdtYWlsLmNvbXw0MTU5OTM4fC02MzM5MDA3MDg= >> >> >> >> >> -- >> View this message in context: >> http://nabble.documentfoundation.org/Strategies-for-securing-a-document-with-an-embedded-picture-of-signature-tp4159938p4160012.html >> Sent from the Users mailing list archive at Nabble.com. >> -- >> To unsubscribe e-mail to: [email protected] >> Problems? >> http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ >> Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette >> List archive: http://listarchives.libreoffice.org/global/users/ >> All messages sent to this list will be publicly archived and cannot be >> deleted >> >> > -- To unsubscribe e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
