Lawyers and judges don't understand GPG. Your silly hacker shenanigans don't hold up in court. Or maybe they will, but it's a gamble.
Yes, it's a creaky, old system, but that's how it works: with paper and signatures and old, wrinkly men sitting on benches deciding your fate based on their incomplete understanding of modern technology.
There's a difference between "electronic signatures" and "digital signatures" [1]. I was referring to digital signatures, but, from what I've read and understand, the laws you cite refer to electronic signatures.
Digital sigbatures and electronic signatures are, to be sure, different things (you can digitally sign something without, for instance, any capture of intent to be a legal signsture) but, digital signatures are also a means of achieving a valid electronic signature as defined in those laws.
Obviously, people selling centralized document storage and electronic signature services are incentivized to obfuscate this as much as possible.
For some reason, I don't see a reply link for your most recent post [1].
> I didn't assert that case law made digital signatures equivalent to electronic signatures
You're correct; I didn't read your original response carefully enough. Also, the comment [2] that stated that the FSF does indeed allow for digital signatures (in the US at least) definitely settles the issues and answers my original question.
> digital signatures are also a means of achieving a valid electronic signature as defined in those laws.
If that's the case, then why does the FSF require scanning a printout with a physical signature (as one commenter mentioned) instead of opting for a digital signature of that document?
Does case law pertaining to the laws you cited support the assertion that digital signatures have the same legal meaning as an electronic or physical signature?
Passing legislation or bringing in expert witnesses (and risk having their testimony being questioned) are all harder than just appeasing the old, wrinkly guys sitting on the benches.
> Lawyers and judges don't understand GPG. Your silly hacker shenanigans don't hold up in court.
Presumably, lawyers and judges will understand state (notably, UETA, in all but three states) and federal laws (notably, E-SIGN) governing the use and validity of electronic signatures.
This has been available for contributors in the United States for some years now, and I've used it to sign the assignment documents in the past. It might not be available in all countries though.
> If you use GPG, you can sign your assignment using a
detached signature in the following manner:
> gpg -a --detach-sig ASSIGNMENT
> Where ASSIGNMENT is the PDF file(s) as you have received it from us.
> Then simply email the assignment, key ID, and signature file back to us
at assign@gnu.org. Please make sure that your key is listed on a public
keyserver.
I'm actually surprised that no one mentioned this sooner. It's too bad that this isn't an option for most other legal documents that one has to submit in a lot of situations.
Well played, sir. Given the nature of FSF's business you'd think they'd be on the cutting edge of digital identification and authentication. GPG keys a thousand times better at properly identifying an owner than an easily forged pen-and-paper signature.
For that matter, why not have a blockchain assignment process? Given what a vanguard for technology FSF used to be it's a shame to watch it devolve at the pace of bureaucracy.
> Given the nature of FSF's business you'd think they'd be on the cutting edge of digital identification and authentication.
The FSF is very careful about the legal system. Signed paper contracts are a robust legal technology. When something important happens, they don't want a judge to be distracted by unfamiliar things.
edit: they also have digital signing in a couple of different forms.
It would be a matter of checking if there's any judicial precedent for digital signatures. If not, then an expert witness explaining the principles behind public/private keys, PKIs (how they're used in industry to verify the authenticity of servers), and how it compares to the "web of trust" model in terms of verifying authenticity and how it applies to FSF contributors.
Yes, it's a creaky, old system, but that's how it works: with paper and signatures and old, wrinkly men sitting on benches deciding your fate based on their incomplete understanding of modern technology.