http://www.perlmonks.org?node_id=246467


in reply to www.Affero.com and interview from slashdot

It isn't much of a reputation system, since there is no way to ensure that a digital document was in fact created by the person who's virtual identity URL is attached to the document.

It isn't necessarily a bad thing if someone forges a document using my virtual identity and I get some donations, but I wouldn't be very pleased if my reputation were affected by the forged document.

Replies are listed 'Best First'.
Re: Re: Affero
by zby (Vicar) on Mar 28, 2003 at 14:09 UTC
    For me the reputation part is the most important. I believe there should be a way to sign your messages and if they don't use it now they probably will in the future.

      The difficulty with signatures (both digital and not) is that they can be duplicated, and even beyond that accepting one involves a lot of trust. In essence, a signature is not a way to ensure that a particular document came from someone in particular, but a way to establish a paper trail in case there is ever any doubt or whatever.

      When I write a cheque, and sign at the bottom, the teller at the bank who eventually looks at it doesn't know for sure that is my signature. In fact, I knew someone who had her credit card stolen, and the thief used it four times, signing in four completely different ways. So a physical signature is just a way to say "Until someone says otherwise, this document is from Lai."

      Thing with digital signatures is, they're digital. Therefore, they can be instantly copied with 100% accuracy given just one example of the original. The fact that in order to make a signature at all useful you need to give it to people, means that even security through obscurity is impossible. You can't copy-protect anything because the act of giving someone a document is copying it.

      So, digital signatures can't be used to identify documents as coming from a specific source, unless they hold a reference to a database somewhere (either belonging to the signer or some third party) which keeps track of every document legitimately signed with that signature. Without a way to verify that not only is that signature on that cheque identical to mine, but that I personally made a record of having signed it, the signature is about as secure as the one at the bottom of this post. Then we get into ways of ensuring that the database you're checking is in fact a valid one...

      crypt('LAI','Na') crypt('__END__','Cl')
        A digital signature is quite different from a normal signature. Someones normal signature is always the same, and independent of the document signed. However, a digital signature is different for different documents. It's closely related to encrypting the document, except that in this case, you don't encrypt the plain text, but you encrypt a digest, and attach the encrypted digest to the document. The digest can be decrypted using your public key (assuming you are using some well-known public/private key encryption technique, like PGP).

        Assuming the encryption algorithm can't be broken, and your key isn't compromised, noone else can create the signature. The signature can be copied, but the signature is worthless without the plain text, copying to another document doesn't sign it. Also, if the original text is modified, it no longer matches the signature, so it prevents someone from modifying the original document and pretending you signed it.

        Abigail

        The thing is that the digital signature is inherently paired with the message it signs - so it won't work for any other message. You can copy it together with the orignal message but this would not make any harm to the poster.