|
|
|
|
|
|
by woodruffw
1344 days ago
|
|
|
> How could you possibly open a bank account with someone's random signed document? A signature on paper identifies who signed it. That is the point. The normal examples are surreptition and impersonation: * I could include your bank statement in the stack of physical documents reviewed for a new account. An overworked banker might miss the different name, or different signature, and treat it as another legitimate item for me when it’s a legitimate item for you. After all, it’s signed and legitimate looking. * More interestingly, I can just pretend to be you. If you don’t already have an account with the bank, I can give them my phone number and address instead. I have your signed document! The latter is how a lot of account fraud actually happens, and maps to PGP’s failure to provide strong identity through the “web of trust.” See, for example, people “verifying” email signatures by just looking the “right” key up on a keyserver. |
|
|