| HN Mirror

> Lawyers and judges don't understand GPG.

As I mentioned in another comment, having an expert witness testify about public/private keys, PKI, "Web of Trust" should be sufficient in court.

Alternatively, passing legislation that gives a digital signature prima facie status in court would work as well.

> Alternatively, passing legislation that gives a digital signature prima facie status in court would work as well.

All US jurisdictions already have such laws (in virtually all states, the same law—UETA—has been adopted, and E-SIGN is the federal law.)

Foreign jurisdictions may or may not have laws with similar effect, though I suspect they are pretty common by now, at least in the developed world.

[1] https://www.assuresign.com/electronic-signatures-vs-digital-...

There's a difference between "electronic signatures" and "digital signatures" [1]. I was referring to digital signatures, but, from what I've read and understand, the laws you cite refer to electronic signatures.

Digital sigbatures and electronic signatures are, to be sure, different things (you can digitally sign something without, for instance, any capture of intent to be a legal signsture) but, digital signatures are also a means of achieving a valid electronic signature as defined in those laws.

Obviously, people selling centralized document storage and electronic signature services are incentivized to obfuscate this as much as possible.

[1] https://news.ycombinator.com/item?id=14824452)

For some reason, I don't see a reply link for your most recent post [1].

> I didn't assert that case law made digital signatures equivalent to electronic signatures

You're correct; I didn't read your original response carefully enough. Also, the comment [2] that stated that the FSF does indeed allow for digital signatures (in the US at least) definitely settles the issues and answers my original question.

[2] https://news.ycombinator.com/item?id=14823665

> digital signatures are also a means of achieving a valid electronic signature as defined in those laws.

If that's the case, then why does the FSF require scanning a printout with a physical signature (as one commenter mentioned) instead of opting for a digital signature of that document?

Does case law pertaining to the laws you cited support the assertion that digital signatures have the same legal meaning as an electronic or physical signature?

> If that's the case, then why does the FSF require scanning a printout with a physical signature (as one commenter mentioned) instead of opting for a digital signature of that document?

I dunno, ask the FSF what their reasoning is. Among the numerous plausible explanations is that they are concerned about laws in some non-US jurisdictions, or that they haven't expended resources examining other options.

> Does case law pertaining to the laws you cited support the assertion that digital signatures have the same legal meaning as an electronic or physical signature?

I didn't assert that case law made digital signatures equivalent to electronic signatures (in fact, I explicitly pointed to one way in which it is possible for a digital signature to fail to meet the similar requirements in UETA and E-SIGN for an electronic signature.)

jordigh 3251 days ago

Passing legislation or bringing in expert witnesses (and risk having their testimony being questioned) are all harder than just appeasing the old, wrinkly guys sitting on the benches.

> Lawyers and judges don't understand GPG. Your silly hacker shenanigans don't hold up in court.

Presumably, lawyers and judges will understand state (notably, UETA, in all but three states) and federal laws (notably, E-SIGN) governing the use and validity of electronic signatures.

jordigh 3251 days ago

> Presumably,

Are you erring on the side of legal caution? 'Cause I assure you the FSF is.