Version 1.3
The comp.security.pgp FAQ
5. Message Signatures
- 5.1 What is message signing?
- 5.2 How do I sign a message and keep it readable?
- 5.3 Can't you just forge a signature by copying the signature block to another message?
- 5.4 Are PGP signatures legally binding?
- 5.5 Is the date on a PGP signature reliable?
5.1 What is message signing?
Let's imagine that you received a letter in the mail from someone you know
named John Smith. How do you know that it was really John who sent
you the letter and not someone else who simply forged his name? With PGP, it is
possible to apply a digital signature to a message that is impossible to
forge. If you already have a trusted copy of John's public encryption key,
you can use it to check the signature on the message. It would be impossible
for anybody but John to have created the signature, since he is the only
person with access to the secret key necessary to create the signature. In
addition, if anybody has tampered with an otherwise valid message, the
digital signature will detect the fact. It protects the entire message.
5.2 How do I sign a message and keep it readable?
Sometimes you are not interested in keeping the contents of a message
secret, you only want to make sure that nobody tampers with it, and to
allow others to verify that the message is really from you. For this,
you can use clear signing. Clear signing only works on text files, it
will
not work on binary files. The command format is:
pgp -sat +clearsig=on <filename>
The output file will contain your original unmodified text, along with
section headers and an armored PGP signature. In this case, PGP is not
required to read the file, only to verify the signature.
You should be careful when you "clearsign" a text file like this. Some
mail programs might alter your message when it is being sent, for example
because there are very long lines in the message. This will invalidate
the signature on the message. Also, using 8-bit characters in your message
can cause problems; some versions of PGP will think the file is actually
a binary file, and refuse to clearsign it.
For this reason, PGP 2.6.3i will automatically ASCII armor messages with
very long lines in it.
5.3 Can't you just forge a signature by copying the signature block to another message?
No. The reason for this is that the signature contains information
(called a "message digest" or a "one-way hash") about the message it's
signing. When the signature check is made, the message digest from
the message is calculated and compared with the one stored in the
encrypted signature block. If they don't match, PGP reports that the
signature is bad.
5.4 Are PGP signatures legally binding?
It has become legal in many places now. At least one company is using
PGP digital signatures on contracts to provide "quick agreement" via
E-mail, allowing work to proceed without having to wait for the paper
signature.
In the USA, the state of Utah adopted its
Digital Signature Act
(the "1995 Utah
Act") on February 27, 1995. It was signed by Michael Leavitt, Governor
of Utah, on March 9, 1995, and took effect on May 1,1995. Utah was
the first legal system in the world to adopt a comprehensive statute
enabling electronic commerce through digital signatures. Thereafter, the 1996
amendment became effective on April 29, 1996.
Other USA states are also working on implementing this technology for
commerce, like Georgia, Washington and Illinois, ect. Apart from Utah,
currently California and Virgina have bills or laws enabling this
technology.
The Georgia law is available from:
http://www.cc.emory.edu/BUSINESS/gds.html
The Washington is available from:
http://access.wa.net/sb6423_info/index.html
In many jurisdictions, a prior agreement in writing to accept valid
digital signatures as binding is itself binding. If you are going
to be swapping many digitally-signed agreements with another party,
this approach may be useful. You might want to check with a lawyer
in your country if the digital signatures will be used for important
or valuable contracts.
5.5 Is the date on a PGP signature reliable?
No. The date and time you see when you verify a PGP signature on a file
(often called a
timestamp)
is the time and date the computer was set to when the signature was
created. On most computers, it is extremely easy to reset the date and
time to any time you want, so you can generate documents with a
forged timestamp.
For this reason, you can use a so-called digital notary or
time-stamping service. This is a system that does nothing but sign
documents you send to it, after inserting a date and time somewhere
in the text. The service uses a numbering scheme which makes it
impossible to insert timestamps at a later time. One such service
is run by Matthew Richardson. For more information about it, please
see
http://www.itconsult.co.uk/stamper.htm.
[
Previous |
Next |
Table of Contents |
About this FAQ |
Glossary ]
Copyright © 1996 by Arnoud Engelfriet.
Last updated: 20 Apr 1997.
Comments, additions and suggestions can be sent to <faq-admin@mail.pgp.net>.
This FAQ was generated by Orb v1.3 for OS/2.